]> review.fuel-infra Code Review - puppet-modules/puppet-ceilometer.git/commitdiff
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: e1febab)
Use 'password' auth_type by default
authoriberezovskiy <iberezovskiy@mirantis.com>
Tue, 24 May 2016 13:29:46 +0000 (16:29 +0300)
committerIvan Berezovskiy <iberezovskiy@mirantis.com>
Wed, 25 May 2016 14:44:59 +0000 (14:44 +0000)
It's better to use 'password' keystone auth plugin by default
for the supporting v2 and v3 keystone API instead of ceilometer
legacy keystone loader which supports only v2.
Remove hard-coded API version from auth_url as well.

Actually this legacy loader has been deprecated in Mitaka and
has been already removed in Newton:
https://review.openstack.org/#/c/307053/

Change-Id: Iad68b6c1c29f9d9cd1b41ecc2898732fa030d401

manifests/agent/auth.pp patch | blob | history
releasenotes/notes/password_auth_type-810a86921a846b2f.yaml [new file with mode: 0644] patch | blob
spec/classes/ceilometer_agent_auth_spec.rb patch | blob | history

diff --git a/manifests/agent/auth.pp b/manifests/agent/auth.pp
index a512fba80929298a1f54ba88e0e2f1006e305009..db14d557dfc6959b00ba90397aaab46a737d1db5 100644 (file)
--- a/manifests/agent/auth.pp
+++ b/manifests/agent/auth.pp
@@ -7,7 +7,7 @@
 #
 # [*auth_url*]
 #   (Optional) the keystone public endpoint
-#   Defaults to 'http://localhost:5000/v2.0'.
+#   Defaults to 'http://localhost:5000'.
 #
 # [*auth_region*]
 #   (Optional) the keystone region of this node
@@ -39,28 +39,28 @@
 #
 # [*auth_user_domain_name*]
 #   (Optional) domain name for auth user.
-#   Defaults to $::os_service_default.
+#   Defaults to 'Default'.
 #
 # [*auth_project_domain_name*]
 #   (Optional) domain name for auth project.
-#   Defaults to $::os_service_default.
+#   Defaults to 'Default'.
 #
 # [*auth_type*]
 #   (Optional) Authentication type to load.
-#   Defaults to $::os_service_default.
+#   Defaults to 'password'.
 #
 class ceilometer::agent::auth (
   $auth_password,
-  $auth_url                 = 'http://localhost:5000/v2.0',
+  $auth_url                 = 'http://localhost:5000',
   $auth_region              = $::os_service_default,
   $auth_user                = 'ceilometer',
   $auth_tenant_name         = 'services',
   $auth_tenant_id           = undef,
   $auth_cacert              = undef,
   $auth_endpoint_type       = undef,
-  $auth_user_domain_name    = $::os_service_default,
-  $auth_project_domain_name = $::os_service_default,
-  $auth_type                = $::os_service_default,
+  $auth_user_domain_name    = 'Default',
+  $auth_project_domain_name = 'Default',
+  $auth_type                = 'password',
 ) {
 
   if ! $auth_cacert {
diff --git a/releasenotes/notes/password_auth_type-810a86921a846b2f.yaml b/releasenotes/notes/password_auth_type-810a86921a846b2f.yaml
new file mode 100644 (file)
index 0000000..c580c33
--- /dev/null
+++ b/releasenotes/notes/password_auth_type-810a86921a846b2f.yaml
@@ -0,0 +1,5 @@
+---
+upgrade:
+  - Update auth_type value to 'password' to use keystone auth
+    plugin by default instead of ceilometer legacy keystone loader.
+  - Remove hard-coded API version from auth url
diff --git a/spec/classes/ceilometer_agent_auth_spec.rb b/spec/classes/ceilometer_agent_auth_spec.rb
index 8d9401541a018cd8b1ccdb8057ee9f1ddba849e1..72a4d81aa64e9aa1454a08ca5733ed2ba5f183f0 100644 (file)
--- a/spec/classes/ceilometer_agent_auth_spec.rb
+++ b/spec/classes/ceilometer_agent_auth_spec.rb
@@ -7,7 +7,7 @@ describe 'ceilometer::agent::auth' do
   end
 
   let :params do
-    { :auth_url         => 'http://localhost:5000/v2.0',
+    { :auth_url         => 'http://localhost:5000',
       :auth_region      => '<SERVICE DEFAULT>',
       :auth_user        => 'ceilometer',
       :auth_password    => 'password',
@@ -18,16 +18,16 @@ describe 'ceilometer::agent::auth' do
   shared_examples_for 'ceilometer-agent-auth' do
 
     it 'configures authentication' do
-      is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000/v2.0')
+      is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000')
       is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('<SERVICE DEFAULT>')
       is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer')
       is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password')
       is_expected.to contain_ceilometer_config('service_credentials/password').with_value(params[:auth_password]).with_secret(true)
       is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services')
       is_expected.to contain_ceilometer_config('service_credentials/ca_file').with(:ensure => 'absent')
-      is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('<SERVICE DEFAULT>')
-      is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('<SERVICE DEFAULT>')
-      is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('Default')
+      is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('Default')
+      is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('password')
     end
 
     context 'when overriding parameters' do