aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEmilien Macchi <emilien@redhat.com>2017-10-02 13:47:10 -0700
committerEmilien Macchi <emilien@redhat.com>2017-10-06 19:01:36 +0000
commit7f1a21a378341fe3908e5efb17ca080360b6b606 (patch)
treef4da2261a8b05343dfe3d7037699cb4bb41cfc68
parent67e1e603a6b81e7532eb2cac2e27eec1ea413d32 (diff)
Allow to configure snmpd_config
Expose a new Puppet parameter to snmp profile, ``snmpd_config`` which is an array definded to undef by default. It can be used to override all snmpd configuration for advanced deployments. If used, all parameters have to be configured included users and passwords, which should be the same as given to snmpd_password and snmpd_user. There is no logic that will verify the content of ``snmpd_config``. Example of hieradata which configures snmpd_config: snmpd_config: - 'createUser ro_snmp_user MD5 "secrete"', - 'rouser ro_snmp_user' - 'proc neutron-server' - 'proc nova-api' Change-Id: Ief2518d5e47137215a34e9ae3b35c27c87fa6e08 Closes-Bug: #1720868 (cherry picked from commit c211ba78cabde54be2e3a6672f6e1d33d1d580f0)
-rw-r--r--Puppetfile_extras5
-rw-r--r--manifests/profile/base/snmp.pp44
-rw-r--r--releasenotes/notes/snmdd_config-db21f3175967be4a.yaml11
-rw-r--r--spec/classes/tripleo_profile_base_snmp_spec.rb83
4 files changed, 132 insertions, 11 deletions
diff --git a/Puppetfile_extras b/Puppetfile_extras
index 4bc9d3f..ce239c3 100644
--- a/Puppetfile_extras
+++ b/Puppetfile_extras
@@ -52,3 +52,8 @@ mod 'opendaylight',
mod 'ssh',
:git => 'https://github.com/saz/puppet-ssh',
:ref => 'v3.0.1'
+
+mod 'snmp',
+ :git => 'https://github.com/razorsedge/puppet-snmp',
+ :ref => 'master'
+
diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp
index ecef5ae..6c26e1c 100644
--- a/manifests/profile/base/snmp.pp
+++ b/manifests/profile/base/snmp.pp
@@ -18,6 +18,20 @@
#
# === Parameters
#
+# [*snmpd_config*]
+# An array of snmp config.
+# Example:
+# snmpd_config:
+# - 'createUser ro_snmp_user MD5 "secrete"',
+# - 'rouser ro_snmp_user'
+# - 'proc neutron-server'
+# - 'proc nova-api'
+# Note: since we give total freedom to configure snmpd_config and don't
+# verify the content, the user will have to ensure that the parameters
+# related to user / password in the array, are the same given to
+# THT via SnmpdReadonlyUserName and SnmpdReadonlyUserPassword.
+# Defaults to undef.
+#
# [*snmpd_password*]
# The SNMP password
# Defaults to hiera('snmpd_readonly_user_password')
@@ -32,6 +46,7 @@
# Defaults to hiera('step')
#
class tripleo::profile::base::snmp (
+ $snmpd_config = undef,
$snmpd_password = hiera('snmpd_readonly_user_password'),
$snmpd_user = hiera('snmpd_readonly_user_name'),
$step = Integer(hiera('step')),
@@ -41,17 +56,24 @@ class tripleo::profile::base::snmp (
authtype => 'MD5',
authpass => $snmpd_password,
}
- class { '::snmp':
- snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']),
- join(['rouser ', $snmpd_user]),
- 'proc cron',
- 'includeAllDisks 10%',
- 'master agentx',
- 'trapsink localhost public',
- 'iquerySecName internalUser',
- 'rouser internalUser',
- 'defaultMonitors yes',
- 'linkUpDownNotifications yes' ],
+ if $snmpd_config {
+ validate_array($snmpd_config)
+ class { '::snmp':
+ snmpd_config => $snmpd_config,
+ }
+ } else {
+ class { '::snmp':
+ snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']),
+ join(['rouser ', $snmpd_user]),
+ 'proc cron',
+ 'includeAllDisks 10%',
+ 'master agentx',
+ 'trapsink localhost public',
+ 'iquerySecName internalUser',
+ 'rouser internalUser',
+ 'defaultMonitors yes',
+ 'linkUpDownNotifications yes' ],
+ }
}
}
}
diff --git a/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml
new file mode 100644
index 0000000..4db033a
--- /dev/null
+++ b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml
@@ -0,0 +1,11 @@
+---
+features:
+ - |
+ Expose a new Puppet parameter to snmp profile, ``snmpd_config`` which
+ is an array definded to undef by default.
+ It can be used to override all snmpd configuration for advanced
+ deployments.
+ If used, all parameters have to be configured included users and
+ passwords, which should be the same as given to snmpd_password
+ and snmpd_user. There is no logic that will verify the content
+ of ``snmpd_config``.
diff --git a/spec/classes/tripleo_profile_base_snmp_spec.rb b/spec/classes/tripleo_profile_base_snmp_spec.rb
new file mode 100644
index 0000000..c8a7074
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_snmp_spec.rb
@@ -0,0 +1,83 @@
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::snmp' do
+
+ shared_examples_for 'tripleo::profile::base::snmp' do
+ context 'with default configuration' do
+ let :params do
+ {
+ :snmpd_user => 'ro_snmp_user',
+ :snmpd_password => 'secrete',
+ :step => 4,
+ }
+ end
+
+ it 'should configure snmpd' do
+ is_expected.to contain_class('snmp').with(
+ :snmpd_config => [
+ 'createUser ro_snmp_user MD5 "secrete"',
+ 'rouser ro_snmp_user',
+ 'proc cron',
+ 'includeAllDisks 10%',
+ 'master agentx',
+ 'trapsink localhost public',
+ 'iquerySecName internalUser',
+ 'rouser internalUser',
+ 'defaultMonitors yes',
+ 'linkUpDownNotifications yes',
+ ]
+ )
+ end
+ end
+ context 'with snmpd_config setting' do
+ let :params do
+ {
+ :snmpd_user => 'ro_snmp_user',
+ :snmpd_password => 'secrete',
+ :snmpd_config => [
+ 'createUser ro_snmp_user MD5 "secrete"',
+ 'rouser ro_snmp_user',
+ 'proc neutron-server',
+ ],
+ :step => 4,
+ }
+ end
+
+ it 'should configure snmpd with custom parameters' do
+ is_expected.to contain_class('snmp').with(
+ :snmpd_config => [
+ 'createUser ro_snmp_user MD5 "secrete"',
+ 'rouser ro_snmp_user',
+ 'proc neutron-server',
+ ]
+ )
+ end
+ end
+ end
+
+ on_supported_os.each do |os, facts|
+ context "on #{os}" do
+ let(:facts) {
+ facts
+ }
+
+ it_behaves_like 'tripleo::profile::base::snmp'
+ end
+ end
+end