summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--manifests/certmonger/haproxy.pp14
-rw-r--r--manifests/certmonger/httpd.pp14
-rw-r--r--manifests/haproxy.pp44
-rw-r--r--manifests/profile/base/ceilometer.pp18
-rw-r--r--manifests/profile/base/ceilometer/collector.pp9
-rw-r--r--manifests/profile/base/docker.pp9
-rw-r--r--manifests/profile/base/gnocchi/api.pp12
-rw-r--r--manifests/profile/base/neutron/plugins/ml2/bagpipe.pp37
-rw-r--r--manifests/profile/base/neutron/plugins/nsx_v3.pp45
-rw-r--r--manifests/profile/base/sshd.pp34
-rw-r--r--manifests/ui.pp2
-rw-r--r--releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml1
-rw-r--r--releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml6
-rw-r--r--spec/classes/tripleo_profile_base_ceilometer_collector_spec.rb26
-rw-r--r--spec/classes/tripleo_profile_base_ceilometer_spec.rb25
-rw-r--r--spec/classes/tripleo_profile_base_gnocchi_api_spec.rb109
-rw-r--r--spec/classes/tripleo_profile_base_sshd_spec.rb118
-rw-r--r--spec/fixtures/hieradata/default.yaml2
18 files changed, 438 insertions, 87 deletions
diff --git a/manifests/certmonger/haproxy.pp b/manifests/certmonger/haproxy.pp
index 6668440..a5d1bf8 100644
--- a/manifests/certmonger/haproxy.pp
+++ b/manifests/certmonger/haproxy.pp
@@ -40,6 +40,11 @@
# (Optional) The CA that certmonger will use to generate the certificates.
# Defaults to hiera('certmonger_ca', 'local').
#
+# [*dnsnames*]
+# (Optional) The DNS names that will be added for the SubjectAltNames entry
+# in the certificate. If left unset, the value will be set to the $hostname.
+# Defaults to undef
+#
# [*principal*]
# The haproxy service principal that is set for HAProxy in kerberos.
#
@@ -50,6 +55,7 @@ define tripleo::certmonger::haproxy (
$hostname,
$postsave_cmd,
$certmonger_ca = hiera('certmonger_ca', 'local'),
+ $dnsnames = undef,
$principal = undef,
){
include ::certmonger
@@ -62,11 +68,17 @@ define tripleo::certmonger::haproxy (
}
}
+ if $dnsnames {
+ $dnsnames_real = $dnsnames
+ } else {
+ $dnsnames_real = $hostname
+ }
+
certmonger_certificate { "${title}-cert":
ensure => 'present',
ca => $certmonger_ca,
hostname => $hostname,
- dnsname => $hostname,
+ dnsname => $dnsnames_real,
certfile => $service_certificate,
keyfile => $service_key,
postsave_cmd => $postsave_cmd,
diff --git a/manifests/certmonger/httpd.pp b/manifests/certmonger/httpd.pp
index 74c0b5a..e9754f7 100644
--- a/manifests/certmonger/httpd.pp
+++ b/manifests/certmonger/httpd.pp
@@ -31,6 +31,11 @@
# (Optional) The CA that certmonger will use to generate the certificates.
# Defaults to hiera('certmonger_ca', 'local').
#
+# [*dnsnames*]
+# (Optional) The DNS names that will be added for the SubjectAltNames entry
+# in the certificate. If left unset, the value will be set to the $hostname.
+# Defaults to undef
+#
# [*principal*]
# The haproxy service principal that is set for HAProxy in kerberos.
#
@@ -39,18 +44,25 @@ define tripleo::certmonger::httpd (
$service_certificate,
$service_key,
$certmonger_ca = hiera('certmonger_ca', 'local'),
+ $dnsnames = undef,
$principal = undef,
) {
include ::certmonger
include ::apache::params
+ if $dnsnames {
+ $dnsnames_real = $dnsnames
+ } else {
+ $dnsnames_real = $hostname
+ }
+
$postsave_cmd = "systemctl reload ${::apache::params::service_name}"
certmonger_certificate { $name :
ensure => 'present',
certfile => $service_certificate,
keyfile => $service_key,
hostname => $hostname,
- dnsname => $hostname,
+ dnsname => $dnsnames_real,
principal => $principal,
postsave_cmd => $postsave_cmd,
ca => $certmonger_ca,
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index a6bd1eb..ad7b954 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -49,6 +49,10 @@
# The IPv4, IPv6 or filesystem socket path of the syslog server.
# Defaults to '/dev/log'
#
+# [*haproxy_daemon*]
+# Should haproxy run in daemon mode or not
+# Defaults to true
+#
# [*controller_hosts*]
# IPs of host or group of hosts to load-balance the services
# Can be a string or an array.
@@ -539,6 +543,7 @@ class tripleo::haproxy (
$haproxy_listen_bind_param = [ 'transparent' ],
$haproxy_member_options = [ 'check', 'inter 2000', 'rise 2', 'fall 5' ],
$haproxy_log_address = '/dev/log',
+ $haproxy_daemon = true,
$haproxy_stats_user = 'admin',
$haproxy_stats_password = undef,
$controller_hosts = hiera('controller_node_ips'),
@@ -718,6 +723,9 @@ class tripleo::haproxy (
if $enable_internal_tls {
$internal_tls_member_options = ['ssl', 'verify required', "ca-file ${ca_bundle}"]
+ Haproxy::Balancermember {
+ verifyhost => true
+ }
} else {
$internal_tls_member_options = []
}
@@ -797,22 +805,30 @@ class tripleo::haproxy (
"${redis_vip}:6379" => $haproxy_listen_bind_param,
}
+ $haproxy_global_options = {
+ 'log' => "${haproxy_log_address} local0",
+ 'pidfile' => '/var/run/haproxy.pid',
+ 'user' => 'haproxy',
+ 'group' => 'haproxy',
+ 'maxconn' => $haproxy_global_maxconn,
+ 'ssl-default-bind-ciphers' => $ssl_cipher_suite,
+ 'ssl-default-bind-options' => $ssl_options,
+ 'stats' => [
+ 'socket /var/lib/haproxy/stats mode 600 level user',
+ 'timeout 2m'
+ ],
+ }
+ if $haproxy_daemon == true {
+ $haproxy_daemonize = {
+ 'daemon' => '',
+ }
+ } else {
+ $haproxy_daemonize = {}
+ }
+
class { '::haproxy':
service_manage => $haproxy_service_manage,
- global_options => {
- 'log' => "${haproxy_log_address} local0",
- 'pidfile' => '/var/run/haproxy.pid',
- 'user' => 'haproxy',
- 'group' => 'haproxy',
- 'daemon' => '',
- 'maxconn' => $haproxy_global_maxconn,
- 'ssl-default-bind-ciphers' => $ssl_cipher_suite,
- 'ssl-default-bind-options' => $ssl_options,
- 'stats' => [
- 'socket /var/lib/haproxy/stats mode 600 level user',
- 'timeout 2m'
- ],
- },
+ global_options => merge($haproxy_global_options, $haproxy_daemonize),
defaults_options => {
'mode' => 'tcp',
'log' => 'global',
diff --git a/manifests/profile/base/ceilometer.pp b/manifests/profile/base/ceilometer.pp
index 2855bd2..e6a2f11 100644
--- a/manifests/profile/base/ceilometer.pp
+++ b/manifests/profile/base/ceilometer.pp
@@ -18,6 +18,10 @@
#
# === Parameters
#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
@@ -68,6 +72,7 @@
# Defaults to hiera('ceilometer::rabbit_use_ssl', '0')
class tripleo::profile::base::ceilometer (
+ $bootstrap_node = hiera('bootstrap_nodeid', undef),
$step = hiera('step'),
$oslomsg_rpc_proto = hiera('messaging_rpc_service_name', 'rabbit'),
$oslomsg_rpc_hosts = any2array(hiera('rabbitmq_node_names', undef)),
@@ -81,6 +86,11 @@ class tripleo::profile::base::ceilometer (
$oslomsg_notify_username = hiera('ceilometer::rabbit_userid', 'guest'),
$oslomsg_use_ssl = hiera('ceilometer::rabbit_use_ssl', '0'),
) {
+ if $::hostname == downcase($bootstrap_node) {
+ $sync_db = true
+ } else {
+ $sync_db = false
+ }
if $step >= 3 {
$oslomsg_use_ssl_real = sprintf('%s', bool2num(str2bool($oslomsg_use_ssl)))
@@ -105,4 +115,12 @@ class tripleo::profile::base::ceilometer (
include ::ceilometer::config
}
+ # Run ceilometer-upgrade in step 5 so gnocchi resource types
+ # are created safely.
+ if $step >= 5 and $sync_db {
+ exec {'ceilometer-db-upgrade':
+ command => 'ceilometer-upgrade --skip-metering-database',
+ path => ['/usr/bin', '/usr/sbin'],
+ }
+ }
}
diff --git a/manifests/profile/base/ceilometer/collector.pp b/manifests/profile/base/ceilometer/collector.pp
index 6b58286..a2c1e29 100644
--- a/manifests/profile/base/ceilometer/collector.pp
+++ b/manifests/profile/base/ceilometer/collector.pp
@@ -84,13 +84,4 @@ class tripleo::profile::base::ceilometer::collector (
include ::ceilometer::collector
include ::ceilometer::dispatcher::gnocchi
}
-
- # Re-run ceilometer-upgrade again in step 5 so gnocchi resource types
- # are created safely.
- if $step >= 5 and $sync_db {
- exec {'ceilometer-db-upgrade':
- command => 'ceilometer-upgrade --skip-metering-database',
- path => ['/usr/bin', '/usr/sbin'],
- }
- }
}
diff --git a/manifests/profile/base/docker.pp b/manifests/profile/base/docker.pp
index 4797d86..d035f6a 100644
--- a/manifests/profile/base/docker.pp
+++ b/manifests/profile/base/docker.pp
@@ -79,12 +79,21 @@ class tripleo::profile::base::docker (
$mirror_changes = [ 'rm dict/entry[. = "registry-mirrors"]', ]
}
+ file { '/etc/docker/daemon.json':
+ ensure => 'present',
+ content => '{}',
+ mode => '0644',
+ replace => false,
+ require => Package['docker']
+ }
+
augeas { 'docker-daemon.json':
lens => 'Json.lns',
incl => '/etc/docker/daemon.json',
changes => $mirror_changes,
subscribe => Package['docker'],
notify => Service['docker'],
+ require => File['/etc/docker/daemon.json'],
}
}
diff --git a/manifests/profile/base/gnocchi/api.pp b/manifests/profile/base/gnocchi/api.pp
index 4a47184..a4e9a30 100644
--- a/manifests/profile/base/gnocchi/api.pp
+++ b/manifests/profile/base/gnocchi/api.pp
@@ -47,6 +47,14 @@
# This is set by t-h-t.
# Defaults to hiera('gnocchi_api_network', undef)
#
+# [*gnocchi_redis_password*]
+# (Required) Password for the gnocchi redis user for the coordination url
+# Defaults to hiera('gnocchi_redis_password')
+#
+# [*redis_vip*]
+# (Required) Redis ip address for the coordination url
+# Defaults to hiera('redis_vip')
+#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
@@ -58,6 +66,8 @@ class tripleo::profile::base::gnocchi::api (
$enable_internal_tls = hiera('enable_internal_tls', false),
$gnocchi_backend = downcase(hiera('gnocchi_backend', 'swift')),
$gnocchi_network = hiera('gnocchi_api_network', undef),
+ $gnocchi_redis_password = hiera('gnocchi_redis_password'),
+ $redis_vip = hiera('redis_vip'),
$step = hiera('step'),
) {
if $::hostname == downcase($bootstrap_node) {
@@ -94,7 +104,7 @@ class tripleo::profile::base::gnocchi::api (
if $step >= 4 {
class { '::gnocchi::storage':
- coordination_url => join(['redis://:', hiera('gnocchi_redis_password'), '@', normalize_ip_for_uri(hiera('redis_vip')), ':6379/']),
+ coordination_url => join(['redis://:', $gnocchi_redis_password, '@', normalize_ip_for_uri($redis_vip), ':6379/']),
}
case $gnocchi_backend {
'swift': { include ::gnocchi::storage::swift }
diff --git a/manifests/profile/base/neutron/plugins/ml2/bagpipe.pp b/manifests/profile/base/neutron/plugins/ml2/bagpipe.pp
new file mode 100644
index 0000000..161cd75
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/ml2/bagpipe.pp
@@ -0,0 +1,37 @@
+#
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Author: Ricardo Noriega <rnoriega@redhat.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::ml2::bagpipe
+#
+# Neutron Bagpipe ML2 profile for TripleO
+#
+# === Parameters
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::plugins::ml2::bagpipe (
+ $step = hiera('step'),
+) {
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 {
+ include ::neutron::plugins::ml2::bagpipe
+ }
+}
diff --git a/manifests/profile/base/neutron/plugins/nsx_v3.pp b/manifests/profile/base/neutron/plugins/nsx_v3.pp
new file mode 100644
index 0000000..33fa0cf
--- /dev/null
+++ b/manifests/profile/base/neutron/plugins/nsx_v3.pp
@@ -0,0 +1,45 @@
+# Copyright 2017 VMware, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::plugins::nsx_v3
+#
+# VMware NSXv3 Neutron profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+# (Optional) The hostname of the node responsible for bootstrapping tasks
+# Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+# (Optional) The current step in deployment. See tripleo-heat-templates
+# for more details.
+# Defaults to hiera('step')
+#
+class tripleo::profile::base::neutron::plugins::nsx_v3 (
+ $bootstrap_node = hiera('bootstrap_nodeid', undef),
+ $step = hiera('step'),
+) {
+ if $::hostname == downcase($bootstrap_node) {
+ $sync_db = true
+ } else {
+ $sync_db = false
+ }
+
+ include ::tripleo::profile::base::neutron
+
+ if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ include ::neutron::plugins::nsx_v3
+ }
+}
diff --git a/manifests/profile/base/sshd.pp b/manifests/profile/base/sshd.pp
index 2b86032..3f0245d 100644
--- a/manifests/profile/base/sshd.pp
+++ b/manifests/profile/base/sshd.pp
@@ -27,14 +27,19 @@
# The text used within SSH Banner
# Defaults to hiera('MOTD')
#
+# [*options*]
+# Hash of SSHD options to set. See the puppet-ssh module documentation for
+# details.
+# Defaults to {}
+
class tripleo::profile::base::sshd (
$bannertext = hiera('BannerText', undef),
$motd = hiera('MOTD', undef),
+ $options = {}
) {
- include ::ssh::server
-
- if $bannertext {
+ if $bannertext and $bannertext != '' {
+ $sshd_options_banner = {'Banner' => '/etc/issue.net'}
$filelist = [ '/etc/issue', '/etc/issue.net', ]
file { $filelist:
ensure => file,
@@ -44,9 +49,12 @@ class tripleo::profile::base::sshd (
group => 'root',
mode => '0644'
}
+ } else {
+ $sshd_options_banner = {}
}
- if $motd {
+ if $motd and $motd != '' {
+ $sshd_options_motd = {'PrintMotd' => 'yes'}
file { '/etc/motd':
ensure => file,
backup => false,
@@ -55,5 +63,23 @@ class tripleo::profile::base::sshd (
group => 'root',
mode => '0644'
}
+ } else {
+ $sshd_options_motd = {}
+ }
+
+ $sshd_options = merge(
+ $options,
+ $sshd_options_banner,
+ $sshd_options_motd
+ )
+
+ # NB (owalsh) in puppet-ssh hiera takes precedence over the class param
+ # we need to control this, so error if it's set in hiera
+ if hiera('ssh:server::options', undef) {
+ err('ssh:server::options must not be set, use tripleo::profile::base::sshd::options')
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => $sshd_options
}
}
diff --git a/manifests/ui.pp b/manifests/ui.pp
index b2ed178..1745535 100644
--- a/manifests/ui.pp
+++ b/manifests/ui.pp
@@ -39,6 +39,7 @@
# 'de' => 'German',
# 'en' => 'English',
# 'es' => 'Spanish',
+# 'id' => 'Indonesian',
# 'ja' => 'Japanese',
# 'ko-KR' => 'Korean',
# 'zh-CN' => 'Simplified Chinese'
@@ -106,6 +107,7 @@ class tripleo::ui (
'de' => 'German',
'en' => 'English',
'es' => 'Spanish',
+ 'id' => 'Indonesian',
'ja' => 'Japanese',
'ko-KR' => 'Korean',
'zh-CN' => 'Simplified Chinese'
diff --git a/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml b/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml
index df6b232..3b9f189 100644
--- a/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml
+++ b/releasenotes/notes/add-bagpipe-driver-9163f5b22096fde0.yaml
@@ -1,3 +1,4 @@
---
features:
- Add support for Bagpipe Neutron driver as backend in BGPVPN scenarios
+ - Add ML2 plugin configuration for Bagpipe BGPVPN extension
diff --git a/releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml b/releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml
new file mode 100644
index 0000000..1899db9
--- /dev/null
+++ b/releasenotes/notes/move-ceilo-upgrade-out-3318df875de5cd00.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - Since collector is deprecated, move the ceilo upgrade in step5
+ out of collector profile and into cielometer base. This way
+ ceilo upgrade can run even when collector is disabled which is
+ the default in pike.
diff --git a/spec/classes/tripleo_profile_base_ceilometer_collector_spec.rb b/spec/classes/tripleo_profile_base_ceilometer_collector_spec.rb
index 0f9aad7..23b198a 100644
--- a/spec/classes/tripleo_profile_base_ceilometer_collector_spec.rb
+++ b/spec/classes/tripleo_profile_base_ceilometer_collector_spec.rb
@@ -128,32 +128,6 @@ describe 'tripleo::profile::base::ceilometer::collector' do
is_expected.to contain_class('ceilometer::dispatcher::gnocchi')
end
end
-
- context 'with step 5 on bootstrap node' do
- let(:params) { {
- :step => 5,
- :bootstrap_node => 'node.example.com',
- :mongodb_node_ips => ['127.0.0.1',],
- :mongodb_replset => 'replicaset'
- } }
-
- it 'should trigger complete configuration' do
- is_expected.to contain_exec('ceilometer-db-upgrade')
- end
- end
-
- context 'with step 5 not on bootstrap node' do
- let(:params) { {
- :step => 5,
- :bootstrap_node => 'somethingelse.example.com',
- :mongodb_node_ips => ['127.0.0.1',],
- :mongodb_replset => 'replicaset'
- } }
-
- it 'should trigger complete configuration' do
- is_expected.to_not contain_exec('ceilometer-db-upgrade')
- end
- end
end
diff --git a/spec/classes/tripleo_profile_base_ceilometer_spec.rb b/spec/classes/tripleo_profile_base_ceilometer_spec.rb
index 9173203..8c1d507 100644
--- a/spec/classes/tripleo_profile_base_ceilometer_spec.rb
+++ b/spec/classes/tripleo_profile_base_ceilometer_spec.rb
@@ -42,6 +42,31 @@ describe 'tripleo::profile::base::ceilometer' do
is_expected.to contain_class('ceilometer::config')
end
end
+
+ context 'with step 5 with bootstrap node' do
+ let(:params) { {
+ :bootstrap_node => 'node.example.com',
+ :step => 5,
+ :oslomsg_rpc_hosts => [ '127.0.0.1' ],
+ :oslomsg_rpc_username => 'ceilometer',
+ :oslomsg_rpc_password => 'foo',
+ } }
+
+ it 'should trigger complete configuration' do
+ is_expected.to contain_exec('ceilometer-db-upgrade')
+ end
+ end
+
+ context 'with step 5 without bootstrap node' do
+ let(:params) { {
+ :bootstrap_node => 'somethingelse.example.com',
+ :step => 5,
+ } }
+
+ it 'should trigger complete configuration' do
+ is_expected.to_not contain_exec('ceilometer-db-upgrade')
+ end
+ end
end
diff --git a/spec/classes/tripleo_profile_base_gnocchi_api_spec.rb b/spec/classes/tripleo_profile_base_gnocchi_api_spec.rb
index 805a28e..6c04e9d 100644
--- a/spec/classes/tripleo_profile_base_gnocchi_api_spec.rb
+++ b/spec/classes/tripleo_profile_base_gnocchi_api_spec.rb
@@ -23,7 +23,11 @@ describe 'tripleo::profile::base::gnocchi::api' do
end
context 'with step less than 3' do
- let(:params) { { :step => 2 } }
+ let(:params) { {
+ :step => 2,
+ :gnocchi_redis_password => 'gnocchi',
+ :redis_vip => '127.0.0.1'
+ } }
it {
is_expected.to contain_class('tripleo::profile::base::gnocchi::api')
@@ -36,6 +40,8 @@ describe 'tripleo::profile::base::gnocchi::api' do
let(:params) { {
:step => 3,
:bootstrap_node => 'node.example.com',
+ :gnocchi_redis_password => 'gnocchi',
+ :redis_vip => '127.0.0.1'
} }
it {
@@ -48,6 +54,8 @@ describe 'tripleo::profile::base::gnocchi::api' do
context 'with step 3' do
let(:params) { {
:step => 3,
+ :gnocchi_redis_password => 'gnocchi',
+ :redis_vip => '127.0.0.1'
} }
it {
@@ -57,35 +65,76 @@ describe 'tripleo::profile::base::gnocchi::api' do
}
end
- # TODO(aschultz): fix profile class to not include hiera look ups in the
- # step 4 so we can properly test it
- #context 'with step 4' do
- # let(:params) { {
- # :step => 4,
- # } }
- #
- # it {
- # is_expected.to contain_class('gnocchi::api')
- # is_expected.to contain_class('gnocchi::wsgi::apache')
- # is_expected.to contain_class('gnocchi::storage')
- # }
- #end
- #
- #context 'with step 5 on bootstrap' do
- # let(:params) { {
- # :step => 5,
- # :bootstrap_node => 'node.example.com'
- # } }
- #
- # it {
- # is_expected.to contain_class('gnocchi::api')
- # is_expected.to contain_class('gnocchi::wsgi::apache')
- # is_expected.to contain_exec('run gnocchi upgrade with storage').with(
- # :command => 'gnocchi-upgrade --config-file=/etc/gnocchi/gnocchi.conf',
- # :path => ['/usr/bin', '/usr/sbin']
- # )
- # }
- #end
+ context 'with step 4' do
+ let(:params) { {
+ :step => 4,
+ :gnocchi_redis_password => 'gnocchi',
+ :redis_vip => '127.0.0.1'
+ } }
+
+ it {
+ is_expected.to contain_class('gnocchi::api')
+ is_expected.to contain_class('gnocchi::wsgi::apache')
+ is_expected.to contain_class('gnocchi::storage').with(
+ :coordination_url => 'redis://:gnocchi@127.0.0.1:6379/'
+ )
+ is_expected.to contain_class('gnocchi::storage::swift')
+ }
+ end
+
+ context 'with step 4 with file backend' do
+ let(:params) { {
+ :step => 4,
+ :gnocchi_backend => 'file',
+ :gnocchi_redis_password => 'gnocchi',
+ :redis_vip => '127.0.0.1'
+ } }
+
+ it {
+ is_expected.to contain_class('gnocchi::api')
+ is_expected.to contain_class('gnocchi::wsgi::apache')
+ is_expected.to contain_class('gnocchi::storage').with(
+ :coordination_url => 'redis://:gnocchi@127.0.0.1:6379/'
+ )
+ is_expected.to contain_class('gnocchi::storage::file')
+ }
+ end
+
+ context 'with step 4 with ceph backend' do
+ let(:params) { {
+ :step => 4,
+ :gnocchi_backend => 'rbd',
+ :gnocchi_redis_password => 'gnocchi',
+ :redis_vip => '127.0.0.1'
+ } }
+
+ it {
+ is_expected.to contain_class('gnocchi::api')
+ is_expected.to contain_class('gnocchi::wsgi::apache')
+ is_expected.to contain_class('gnocchi::storage').with(
+ :coordination_url => 'redis://:gnocchi@127.0.0.1:6379/'
+ )
+ is_expected.to contain_class('gnocchi::storage::ceph')
+ }
+ end
+
+ context 'with step 5 on bootstrap' do
+ let(:params) { {
+ :step => 5,
+ :bootstrap_node => 'node.example.com',
+ :gnocchi_redis_password => 'gnocchi',
+ :redis_vip => '127.0.0.1'
+ } }
+
+ it {
+ is_expected.to contain_class('gnocchi::api')
+ is_expected.to contain_class('gnocchi::wsgi::apache')
+ is_expected.to contain_exec('run gnocchi upgrade with storage').with(
+ :command => 'gnocchi-upgrade --config-file=/etc/gnocchi/gnocchi.conf',
+ :path => ['/usr/bin', '/usr/sbin']
+ )
+ }
+ end
end
diff --git a/spec/classes/tripleo_profile_base_sshd_spec.rb b/spec/classes/tripleo_profile_base_sshd_spec.rb
index e84a1f5..58b271f 100644
--- a/spec/classes/tripleo_profile_base_sshd_spec.rb
+++ b/spec/classes/tripleo_profile_base_sshd_spec.rb
@@ -24,7 +24,23 @@ describe 'tripleo::profile::base::sshd' do
context 'it should do nothing' do
it do
- is_expected.to contain_class('ssh::server')
+ is_expected.to contain_class('ssh::server').with({
+ 'storeconfigs_enabled' => false,
+ 'options' => {}
+ })
+ is_expected.to_not contain_file('/etc/issue')
+ is_expected.to_not contain_file('/etc/issue.net')
+ is_expected.to_not contain_file('/etc/motd')
+ end
+ end
+
+ context 'it should do nothing with empty strings' do
+ let(:params) {{ :bannertext => '', :motd => '' }}
+ it do
+ is_expected.to contain_class('ssh::server').with({
+ 'storeconfigs_enabled' => false,
+ 'options' => {}
+ })
is_expected.to_not contain_file('/etc/issue')
is_expected.to_not contain_file('/etc/issue.net')
is_expected.to_not contain_file('/etc/motd')
@@ -34,6 +50,12 @@ describe 'tripleo::profile::base::sshd' do
context 'with issue and issue.net configured' do
let(:params) {{ :bannertext => 'foo' }}
it do
+ is_expected.to contain_class('ssh::server').with({
+ 'storeconfigs_enabled' => false,
+ 'options' => {
+ 'Banner' => '/etc/issue.net'
+ }
+ })
is_expected.to contain_file('/etc/issue').with({
'content' => 'foo',
'owner' => 'root',
@@ -53,6 +75,12 @@ describe 'tripleo::profile::base::sshd' do
context 'with motd configured' do
let(:params) {{ :motd => 'foo' }}
it do
+ is_expected.to contain_class('ssh::server').with({
+ 'storeconfigs_enabled' => false,
+ 'options' => {
+ 'PrintMotd' => 'yes'
+ }
+ })
is_expected.to contain_file('/etc/motd').with({
'content' => 'foo',
'owner' => 'root',
@@ -63,6 +91,94 @@ describe 'tripleo::profile::base::sshd' do
is_expected.to_not contain_file('/etc/issue.net')
end
end
+
+ context 'with options configured' do
+ let(:params) {{ :options => {'X11Forwarding' => 'no'} }}
+ it do
+ is_expected.to contain_class('ssh::server').with({
+ 'storeconfigs_enabled' => false,
+ 'options' => {
+ 'X11Forwarding' => 'no'
+ }
+ })
+ is_expected.to_not contain_file('/etc/motd')
+ is_expected.to_not contain_file('/etc/issue')
+ is_expected.to_not contain_file('/etc/issue.net')
+ end
+ end
+
+ context 'with motd and issue configured' do
+ let(:params) {{
+ :bannertext => 'foo',
+ :motd => 'foo'
+ }}
+ it do
+ is_expected.to contain_class('ssh::server').with({
+ 'storeconfigs_enabled' => false,
+ 'options' => {
+ 'Banner' => '/etc/issue.net',
+ 'PrintMotd' => 'yes'
+ }
+ })
+ is_expected.to contain_file('/etc/motd').with({
+ 'content' => 'foo',
+ 'owner' => 'root',
+ 'group' => 'root',
+ 'mode' => '0644',
+ })
+ is_expected.to contain_file('/etc/issue').with({
+ 'content' => 'foo',
+ 'owner' => 'root',
+ 'group' => 'root',
+ 'mode' => '0644',
+ })
+ is_expected.to contain_file('/etc/issue.net').with({
+ 'content' => 'foo',
+ 'owner' => 'root',
+ 'group' => 'root',
+ 'mode' => '0644',
+ })
+ end
+ end
+
+ context 'with motd and issue and options configured' do
+ let(:params) {{
+ :bannertext => 'foo',
+ :motd => 'foo',
+ :options => {
+ 'PrintMotd' => 'no', # this should be overridden
+ 'X11Forwarding' => 'no'
+ }
+ }}
+ it do
+ is_expected.to contain_class('ssh::server').with({
+ 'storeconfigs_enabled' => false,
+ 'options' => {
+ 'Banner' => '/etc/issue.net',
+ 'PrintMotd' => 'yes',
+ 'X11Forwarding' => 'no'
+ }
+ })
+ is_expected.to contain_file('/etc/motd').with({
+ 'content' => 'foo',
+ 'owner' => 'root',
+ 'group' => 'root',
+ 'mode' => '0644',
+ })
+ is_expected.to contain_file('/etc/issue').with({
+ 'content' => 'foo',
+ 'owner' => 'root',
+ 'group' => 'root',
+ 'mode' => '0644',
+ })
+ is_expected.to contain_file('/etc/issue.net').with({
+ 'content' => 'foo',
+ 'owner' => 'root',
+ 'group' => 'root',
+ 'mode' => '0644',
+ })
+ end
+ end
end
on_supported_os.each do |os, facts|
diff --git a/spec/fixtures/hieradata/default.yaml b/spec/fixtures/hieradata/default.yaml
index 16f39a5..873a49e 100644
--- a/spec/fixtures/hieradata/default.yaml
+++ b/spec/fixtures/hieradata/default.yaml
@@ -30,6 +30,8 @@ cinder::rabbit_password: 'password'
cinder::keystone::authtoken::password: 'password'
# gnocchi related items
gnocchi::keystone::authtoken::password: 'password'
+gnocchi::storage::ceph::ceph_username: 'gnocchi'
+gnocchi::storage::ceph::ceph_secret: 'password'
# nova related items
nova::rabbit_password: 'password'
nova::keystone::authtoken::password: 'password'