# (optional) The name of the auth user
# Defaults to ceilometer
#
-# [*keystone_host*]
-# (optional) DEPRECATED. Keystone's admin endpoint IP/Host.
-# Defaults to '127.0.0.1'
-#
-# [*keystone_port*]
-# (optional) DEPRECATED. Keystone's admin endpoint port.
-# Defaults to 35357
-#
-# [*keystone_auth_admin_prefix*]
-# (optional) DEPRECATED. 'path' to the keystone admin endpoint.
-# Define to a path starting with a '/' and without trailing '/'.
-# Eg.: '/keystone/admin' to match keystone::wsgi::apache default.
-# Defaults to false (empty)
-#
-# [*keystone_protocol*]
-# (optional) DEPRECATED. 'http' or 'https'
-# Defaults to 'https'.
-#
# [*keytone_user*]
# (optional) User to authenticate with.
# Defaults to 'ceilometer'.
#
# [*keystone_auth_uri*]
# (optional) Public Identity API endpoint.
-# Defaults to 'false'.
+# Defaults to 'http://127.0.0.1:5000/'.
#
# [*keystone_identity_uri*]
# (optional) Complete admin Identity API endpoint.
-# Defaults to: false
+# Defaults to: 'http://127.0.0.1:35357/'
#
# [*host*]
# (optional) The ceilometer api bind address.
$keystone_user = 'ceilometer',
$keystone_tenant = 'services',
$keystone_password = false,
- $keystone_auth_uri = false,
- $keystone_identity_uri = false,
+ $keystone_auth_uri = 'http://127.0.0.1:5000/',
+ $keystone_identity_uri = 'http://127.0.0.1:35357/',
$host = '0.0.0.0',
$port = '8777',
$service_name = $::ceilometer::params::api_service_name,
$api_workers = $::os_service_default,
- # DEPRECATED PARAMETERS
- $keystone_host = '127.0.0.1',
- $keystone_port = '35357',
- $keystone_auth_admin_prefix = false,
- $keystone_protocol = 'http',
) inherits ceilometer::params {
include ::ceilometer::params
'api/port' : value => $port;
}
- # if both auth_uri and identity_uri are set we skip these deprecated settings entirely
- if !$keystone_auth_uri or !$keystone_identity_uri {
-
- if $keystone_auth_admin_prefix {
- validate_re($keystone_auth_admin_prefix, '^(/.+[^/])?$')
- warning('The keystone_auth_admin_prefix parameter is deprecated. Please use keystone_auth_uri and keystone_identity_uri instead.')
- ceilometer_config {
- 'keystone_authtoken/auth_admin_prefix': value => $keystone_auth_admin_prefix;
- }
- } else {
- ceilometer_config {
- 'keystone_authtoken/auth_admin_prefix': ensure => absent;
- }
- }
-
- if $keystone_host {
- warning('The keystone_host parameter is deprecated. Please use keystone_auth_uri and keystone_identity_uri instead.')
- ceilometer_config {
- 'keystone_authtoken/auth_host': value => $keystone_host;
- }
- } else {
- ceilometer_config {
- 'keystone_authtoken/auth_host': ensure => absent;
- }
- }
-
- if $keystone_port {
- warning('The keystone_port parameter is deprecated. Please use keystone_auth_uri and keystone_identity_uri instead.')
- ceilometer_config {
- 'keystone_authtoken/auth_port': value => $keystone_port;
- }
- } else {
- ceilometer_config {
- 'keystone_authtoken/auth_port': ensure => absent;
- }
- }
-
- if $keystone_protocol {
- warning('The keystone_protocol parameter is deprecated. Please use keystone_auth_uri and keystone_identity_uri instead.')
- ceilometer_config {
- 'keystone_authtoken/auth_protocol': value => $keystone_protocol;
- }
- } else {
- ceilometer_config {
- 'keystone_authtoken/auth_protocol': ensure => absent;
- }
- }
- } else {
- ceilometer_config {
- 'keystone_authtoken/auth_host' : ensure => absent;
- 'keystone_authtoken/auth_port' : ensure => absent;
- 'keystone_authtoken/auth_protocol' : ensure => absent;
- 'keystone_authtoken/auth_admin_prefix' : ensure => absent;
- }
- }
-
- if $keystone_auth_uri {
- $keystone_auth_uri_real = $keystone_auth_uri
- } elsif $keystone_host and $keystone_protocol {
- $keystone_auth_uri_real = "${keystone_protocol}://${keystone_host}:5000/"
- }
-
ceilometer_config {
- 'keystone_authtoken/auth_uri': value => $keystone_auth_uri_real;
- }
-
- if $keystone_identity_uri {
- ceilometer_config {
- 'keystone_authtoken/identity_uri': value => $keystone_identity_uri;
- }
- } else {
- ceilometer_config {
- 'keystone_authtoken/identity_uri': ensure => absent;
- }
+ 'keystone_authtoken/auth_uri' : value => $keystone_auth_uri;
+ 'keystone_authtoken/identity_uri' : value => $keystone_identity_uri;
}
}
let :params do
{ :enabled => true,
:manage_service => true,
- :keystone_host => '127.0.0.1',
- :keystone_port => '35357',
- :keystone_protocol => 'http',
:keystone_user => 'ceilometer',
:keystone_password => 'ceilometer-passw0rd',
:keystone_tenant => 'services',
end
it 'configures keystone authentication middleware' do
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_host').with_value( params[:keystone_host] )
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_port').with_value( params[:keystone_port] )
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_protocol').with_value( params[:keystone_protocol] )
is_expected.to contain_ceilometer_config('keystone_authtoken/admin_tenant_name').with_value( params[:keystone_tenant] )
is_expected.to contain_ceilometer_config('keystone_authtoken/admin_user').with_value( params[:keystone_user] )
is_expected.to contain_ceilometer_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] )
is_expected.to contain_ceilometer_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] ).with_secret(true)
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_admin_prefix').with_ensure('absent')
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value( params[:keystone_protocol] + "://" + params[:keystone_host] + ":5000/" )
+ is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value("http://127.0.0.1:5000/")
+ is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri').with_value("http://127.0.0.1:35357/")
is_expected.to contain_ceilometer_config('api/host').with_value( params[:host] )
is_expected.to contain_ceilometer_config('api/port').with_value( params[:port] )
is_expected.to contain_ceilometer_config('DEFAULT/api_workers').with_value('<SERVICE DEFAULT>')
end
- context 'when specifying keystone_auth_admin_prefix' do
- describe 'with a correct value' do
- before { params['keystone_auth_admin_prefix'] = '/keystone/admin' }
- it { is_expected.to contain_ceilometer_config('keystone_authtoken/auth_admin_prefix').with_value('/keystone/admin') }
- end
-
- [
- '/keystone/',
- 'keystone/',
- 'keystone',
- '/keystone/admin/',
- 'keystone/admin/',
- 'keystone/admin'
- ].each do |auth_admin_prefix|
- describe "with an incorrect value #{auth_admin_prefix}" do
- before { params['keystone_auth_admin_prefix'] = auth_admin_prefix }
-
- it { expect { is_expected.to contain_ceilomete_config('keystone_authtoken/auth_admin_prefix') }.to \
- raise_error(Puppet::Error, /validate_re\(\): "#{auth_admin_prefix}" does not match/) }
- end
- end
- end
-
[{:enabled => true}, {:enabled => false}].each do |param_hash|
context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do
before do
it_configures 'ceilometer-api'
end
- describe 'with custom auth_uri' do
- let :facts do
- @default_facts.merge({ :osfamily => 'RedHat' })
- end
- before do
- params.merge!({
- :keystone_auth_uri => 'https://foo.bar:1234/',
- })
- end
- it 'should configure custom auth_uri correctly' do
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value( 'https://foo.bar:1234/' )
- end
- end
-
- describe "with custom keystone identity_uri" do
- let :facts do
- @default_facts.merge({ :osfamily => 'RedHat' })
- end
- before do
- params.merge!({
- :keystone_identity_uri => 'https://foo.bar:1234/',
- })
- end
- it 'configures identity_uri' do
- is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:1234/");
- # since only auth_uri is set the deprecated auth parameters should
- # still get set in case they are still in use
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_host').with_value('127.0.0.1');
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_port').with_value('35357');
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_protocol').with_value('http');
- end
- end
-
describe "with custom keystone identity_uri and auth_uri" do
let :facts do
@default_facts.merge({ :osfamily => 'RedHat' })
end
before do
- params.merge!({
+ params.merge!({
:keystone_identity_uri => 'https://foo.bar:35357/',
- :keystone_auth_uri => 'https://foo.bar:5000/v2.0/',
+ :keystone_auth_uri => 'https://foo.bar:5000/',
})
end
it 'configures identity_uri and auth_uri but deprecates old auth settings' do
is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/");
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/v2.0/");
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_admin_prefix').with(:ensure => 'absent')
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_port').with(:ensure => 'absent')
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_protocol').with(:ensure => 'absent')
- is_expected.to contain_ceilometer_config('keystone_authtoken/auth_host').with(:ensure => 'absent')
+ is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/");
end
end
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff