From: Dan Prince Date: Wed, 4 Sep 2013 17:00:36 +0000 (-0400) Subject: Add ceilometer::agent::auth. X-Git-Tag: 3.0.0-rc2~9 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=caf96f5395fc79203a1b53c6b54dd9707469930f;p=puppet-modules%2Fpuppet-ceilometer.git Add ceilometer::agent::auth. Adds a new agent::auth manifest to hold common auth parameters used by the Ceilometer compute and central agents. This fixes a deployment issue where you would get duplicate auth parameter errors when trying to configure the compute and central agent on the same machine. Fixes Bug #1220810. Change-Id: I167c6c570bdebb4be2ef99cd0b9cf81f37856d9f --- diff --git a/examples/site.pp b/examples/site.pp index 842a448..9ccb511 100644 --- a/examples/site.pp +++ b/examples/site.pp @@ -28,6 +28,10 @@ node default { keystone_password => 'tralalayouyou' } + # Set common auth parameters used by all agents (compute/central) + class { 'ceilometer::agent::auth': + } + # Install compute agent class { 'ceilometer::agent::compute': } diff --git a/manifests/agent/auth.pp b/manifests/agent/auth.pp new file mode 100644 index 0000000..04579c2 --- /dev/null +++ b/manifests/agent/auth.pp @@ -0,0 +1,62 @@ +# The ceilometer::agent::auth class helps configure common +# auth settings for the agents. +# +# == Parameters +# [*auth_url*] +# the keystone public endpoint +# Optional. Defaults to 'http://localhost:5000/v2.0' +# +# [*auth_region*] +# the keystone region of this node +# Optional. Defaults to 'RegionOne' +# +# [*auth_user*] +# the keystone user for ceilometer services +# Optional. Defaults to 'ceilometer' +# +# [*auth_password*] +# the keystone password for ceilometer services +# Required. +# +# [*auth_tenant_name*] +# the keystone tenant name for ceilometer services +# Optional. Defaults to 'services' +# +# [*auth_tenant_id*] +# the keystone tenant id for ceilometer services. +# Optional. Defaults to empty. +# +# [*auth_cacert*] +# Certificate chain for SSL validation. Optional; Defaults to 'None' +# +class ceilometer::agent::auth ( + $auth_password, + $auth_url = 'http://localhost:5000/v2.0', + $auth_region = 'RegionOne', + $auth_user = 'ceilometer', + $auth_tenant_name = 'services', + $auth_tenant_id = '', + $auth_cacert = undef, +) { + + if ! $auth_cacert { + ceilometer_config { 'DEFAULT/os_cacert': ensure => absent } + } else { + ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert } + } + + ceilometer_config { + 'DEFAULT/os_auth_url' : value => $auth_url; + 'DEFAULT/os_auth_region' : value => $auth_region; + 'DEFAULT/os_username' : value => $auth_user; + 'DEFAULT/os_password' : value => $auth_password; + 'DEFAULT/os_tenant_name' : value => $auth_tenant_name; + } + + if ($auth_tenant_id != '') { + ceilometer_config { + 'DEFAULT/os_tenant_id' : value => $auth_tenant_id; + } + } + +} diff --git a/manifests/agent/central.pp b/manifests/agent/central.pp index d9c2598..0a07856 100644 --- a/manifests/agent/central.pp +++ b/manifests/agent/central.pp @@ -1,38 +1,10 @@ # Installs/configures the ceilometer central agent # # == Parameters -# [*auth_url*] -# Keystone URL. Optional. Defaults to 'http://localhost:5000/v2.0' -# -# [*auth_region*] -# Keystone region. Optional. Defaults to 'RegionOne' -# -# [*auth_user*] -# Keystone user for ceilometer. Optional. Defaults to 'ceilometer' -# -# [*auth_password*] -# Keystone password for ceilometer. Optional. Defaults to 'password' -# -# [*auth_tenant_name*] -# Keystone tenant name for ceilometer. Optional. Defaults to 'services' -# -# [*auth_tenant_id*] -# Keystone tenant id for ceilometer. Optional. Defaults to empty. -# -# [*auth_cacert*] -# Certificate chain for SSL validation. Optional; Defaults to 'None' -# # [*enabled*] # Should the service be enabled. Optional. Defauls to true # class ceilometer::agent::central ( - $auth_url = 'http://localhost:5000/v2.0', - $auth_region = 'RegionOne', - $auth_user = 'ceilometer', - $auth_password = 'password', - $auth_tenant_name = 'services', - $auth_tenant_id = '', - $auth_cacert = undef, $enabled = true, ) { @@ -46,12 +18,6 @@ class ceilometer::agent::central ( name => $::ceilometer::params::agent_central_package_name, } - if ! $auth_cacert { - ceilometer_config { 'DEFAULT/os_cacert': ensure => absent } - } else { - ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert } - } - if $enabled { $service_ensure = 'running' } else { @@ -67,17 +33,4 @@ class ceilometer::agent::central ( hasrestart => true, } - ceilometer_config { - 'DEFAULT/os_auth_url' : value => $auth_url; - 'DEFAULT/os_auth_region' : value => $auth_region; - 'DEFAULT/os_username' : value => $auth_user; - 'DEFAULT/os_password' : value => $auth_password; - 'DEFAULT/os_tenant_name' : value => $auth_tenant_name; - } - - if ($auth_tenant_id != '') { - ceilometer_config { - 'DEFAULT/os_tenant_id' : value => $auth_tenant_id; - } - } } diff --git a/manifests/agent/compute.pp b/manifests/agent/compute.pp index e5cc332..0789c5d 100644 --- a/manifests/agent/compute.pp +++ b/manifests/agent/compute.pp @@ -2,45 +2,11 @@ # Include this class on all nova compute nodes # # == Parameters -# [*auth_url*] -# the keystone public endpoint -# Optional. Defaults to 'http://localhost:5000/v2.0' -# -# [*auth_region*] -# the keystone region of this compute node -# Optional. Defaults to 'RegionOne' -# -# [*auth_user*] -# the keystone user for ceilometer services -# Optional. Defaults to 'ceilometer' -# -# [*auth_password*] -# the keystone password for ceilometer services -# Optional. Defaults to 'password' -# -# [*auth_tenant_name*] -# the keystone tenant name for ceilometer services -# Optional. Defaults to 'services' -# -# [*auth_tenant_id*] -# the keystone tenant id for ceilometer services. -# Optional. Defaults to empty. -# -# [*auth_cacert*] -# Certificate chain for SSL validation. Optional; Defaults to 'None' -# # [*enabled*] # should the service be started or not # Optional. Defaults to true # class ceilometer::agent::compute ( - $auth_url = 'http://localhost:5000/v2.0', - $auth_region = 'RegionOne', - $auth_user = 'ceilometer', - $auth_password = 'password', - $auth_tenant_name = 'services', - $auth_tenant_id = '', - $auth_cacert = undef, $enabled = true, ) inherits ceilometer { @@ -54,20 +20,12 @@ class ceilometer::agent::compute ( name => $::ceilometer::params::agent_compute_package_name, } - if ! $auth_cacert { - ceilometer_config { 'DEFAULT/os_cacert': ensure => absent } - } else { - ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert } - } - - if $::ceilometer::params::libvirt_group { User['ceilometer'] { groups +> [$::ceilometer::params::libvirt_group] } } - if $enabled { $service_ensure = 'running' } else { @@ -83,20 +41,6 @@ class ceilometer::agent::compute ( hasrestart => true, } - ceilometer_config { - 'DEFAULT/os_auth_url' : value => $auth_url; - 'DEFAULT/os_auth_region' : value => $auth_region; - 'DEFAULT/os_username' : value => $auth_user; - 'DEFAULT/os_password' : value => $auth_password; - 'DEFAULT/os_tenant_name' : value => $auth_tenant_name; - } - - if ($auth_tenant_id != '') { - ceilometer_config { - 'DEFAULT/os_tenant_id' : value => $auth_tenant_id; - } - } - nova_config { 'DEFAULT/instance_usage_audit' : value => 'True'; 'DEFAULT/instance_usage_audit_period' : value => 'hour'; diff --git a/spec/classes/ceilometer_agent_auth_spec.rb b/spec/classes/ceilometer_agent_auth_spec.rb new file mode 100644 index 0000000..bf8feb7 --- /dev/null +++ b/spec/classes/ceilometer_agent_auth_spec.rb @@ -0,0 +1,39 @@ +require 'spec_helper' + +describe 'ceilometer::agent::auth' do + + let :pre_condition do + "class { 'ceilometer': metering_secret => 's3cr3t' }" + end + + let :params do + { :auth_url => 'http://localhost:5000/v2.0', + :auth_region => 'RegionOne', + :auth_user => 'ceilometer', + :auth_password => 'password', + :auth_tenant_name => 'services', + :enabled => true, + } + end + + shared_examples_for 'ceilometer-agent-auth' do + + it 'configures authentication' do + should contain_ceilometer_config('DEFAULT/os_auth_url').with_value('http://localhost:5000/v2.0') + should contain_ceilometer_config('DEFAULT/os_auth_region').with_value('RegionOne') + should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer') + should contain_ceilometer_config('DEFAULT/os_password').with_value('password') + should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services') + should contain_ceilometer_config('DEFAULT/os_cacert').with(:ensure => 'absent') + end + + context 'when overriding parameters' do + before do + params.merge!(:auth_cacert => '/tmp/dummy.pem') + end + it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) } + end + + end + +end diff --git a/spec/classes/ceilometer_agent_central_spec.rb b/spec/classes/ceilometer_agent_central_spec.rb index 6cb17c9..ac49f26 100644 --- a/spec/classes/ceilometer_agent_central_spec.rb +++ b/spec/classes/ceilometer_agent_central_spec.rb @@ -7,13 +7,7 @@ describe 'ceilometer::agent::central' do end let :params do - { :auth_url => 'http://localhost:5000/v2.0', - :auth_region => 'RegionOne', - :auth_user => 'ceilometer', - :auth_password => 'password', - :auth_tenant_name => 'services', - :enabled => true, - } + { :enabled => true } end shared_examples_for 'ceilometer-agent-central' do @@ -44,21 +38,7 @@ describe 'ceilometer::agent::central' do ) end - it 'configures authentication' do - should contain_ceilometer_config('DEFAULT/os_auth_url').with_value('http://localhost:5000/v2.0') - should contain_ceilometer_config('DEFAULT/os_auth_region').with_value('RegionOne') - should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer') - should contain_ceilometer_config('DEFAULT/os_password').with_value('password') - should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services') - end - - context 'when overriding parameters' do - before do - params.merge!(:auth_cacert => '/tmp/dummy.pem') - end - it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) } - end -end + end context 'on Debian platforms' do let :facts do diff --git a/spec/classes/ceilometer_agent_compute_spec.rb b/spec/classes/ceilometer_agent_compute_spec.rb index a6092fa..af7a698 100644 --- a/spec/classes/ceilometer_agent_compute_spec.rb +++ b/spec/classes/ceilometer_agent_compute_spec.rb @@ -9,13 +9,7 @@ describe 'ceilometer::agent::compute' do end let :params do - { :auth_url => 'http://localhost:5000/v2.0', - :auth_region => 'RegionOne', - :auth_user => 'ceilometer', - :auth_password => 'password', - :auth_tenant_name => 'services', - :enabled => true, - } + { :enabled => true } end shared_examples_for 'ceilometer-agent-compute' do @@ -52,22 +46,6 @@ describe 'ceilometer::agent::compute' do ) end - it 'configures authentication' do - should contain_ceilometer_config('DEFAULT/os_auth_url').with_value('http://localhost:5000/v2.0') - should contain_ceilometer_config('DEFAULT/os_auth_region').with_value('RegionOne') - should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer') - should contain_ceilometer_config('DEFAULT/os_password').with_value('password') - should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services') - should contain_ceilometer_config('DEFAULT/os_cacert').with(:ensure => 'absent') - end - - context 'when overriding parameters' do - before do - params.merge!(:auth_cacert => '/tmp/dummy.pem') - end - it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) } - end - it 'configures instance usage audit in nova' do should contain_nova_config('DEFAULT/instance_usage_audit').with_value('True') should contain_nova_config('DEFAULT/instance_usage_audit_period').with_value('hour') @@ -85,7 +63,8 @@ describe 'ceilometer::agent::compute' do :notify => 'Service[nova-compute]' ) end -end + + end context 'on Debian platforms' do let :facts do