aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Puppetfile_extras5
-rw-r--r--manifests/profile/base/snmp.pp44
-rw-r--r--releasenotes/notes/snmdd_config-db21f3175967be4a.yaml11
-rw-r--r--spec/classes/tripleo_profile_base_snmp_spec.rb83
4 files changed, 132 insertions, 11 deletions
diff --git a/Puppetfile_extras b/Puppetfile_extras
index 4bc9d3f..ce239c3 100644
--- a/Puppetfile_extras
+++ b/Puppetfile_extras
@@ -52,3 +52,8 @@ mod 'opendaylight',
mod 'ssh',
:git => 'https://github.com/saz/puppet-ssh',
:ref => 'v3.0.1'
+
+mod 'snmp',
+ :git => 'https://github.com/razorsedge/puppet-snmp',
+ :ref => 'master'
+
diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp
index ecef5ae..6c26e1c 100644
--- a/manifests/profile/base/snmp.pp
+++ b/manifests/profile/base/snmp.pp
@@ -18,6 +18,20 @@
#
# === Parameters
#
+# [*snmpd_config*]
+# An array of snmp config.
+# Example:
+# snmpd_config:
+# - 'createUser ro_snmp_user MD5 "secrete"',
+# - 'rouser ro_snmp_user'
+# - 'proc neutron-server'
+# - 'proc nova-api'
+# Note: since we give total freedom to configure snmpd_config and don't
+# verify the content, the user will have to ensure that the parameters
+# related to user / password in the array, are the same given to
+# THT via SnmpdReadonlyUserName and SnmpdReadonlyUserPassword.
+# Defaults to undef.
+#
# [*snmpd_password*]
# The SNMP password
# Defaults to hiera('snmpd_readonly_user_password')
@@ -32,6 +46,7 @@
# Defaults to hiera('step')
#
class tripleo::profile::base::snmp (
+ $snmpd_config = undef,
$snmpd_password = hiera('snmpd_readonly_user_password'),
$snmpd_user = hiera('snmpd_readonly_user_name'),
$step = Integer(hiera('step')),
@@ -41,17 +56,24 @@ class tripleo::profile::base::snmp (
authtype => 'MD5',
authpass => $snmpd_password,
}
- class { '::snmp':
- snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']),
- join(['rouser ', $snmpd_user]),
- 'proc cron',
- 'includeAllDisks 10%',
- 'master agentx',
- 'trapsink localhost public',
- 'iquerySecName internalUser',
- 'rouser internalUser',
- 'defaultMonitors yes',
- 'linkUpDownNotifications yes' ],
+ if $snmpd_config {
+ validate_array($snmpd_config)
+ class { '::snmp':
+ snmpd_config => $snmpd_config,
+ }
+ } else {
+ class { '::snmp':
+ snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']),
+ join(['rouser ', $snmpd_user]),
+ 'proc cron',
+ 'includeAllDisks 10%',
+ 'master agentx',
+ 'trapsink localhost public',
+ 'iquerySecName internalUser',
+ 'rouser internalUser',
+ 'defaultMonitors yes',
+ 'linkUpDownNotifications yes' ],
+ }
}
}
}
diff --git a/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml
new file mode 100644
index 0000000..4db033a
--- /dev/null
+++ b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml
@@ -0,0 +1,11 @@
+---
+features:
+ - |
+ Expose a new Puppet parameter to snmp profile, ``snmpd_config`` which
+ is an array definded to undef by default.
+ It can be used to override all snmpd configuration for advanced
+ deployments.
+ If used, all parameters have to be configured included users and
+ passwords, which should be the same as given to snmpd_password
+ and snmpd_user. There is no logic that will verify the content
+ of ``snmpd_config``.
diff --git a/spec/classes/tripleo_profile_base_snmp_spec.rb b/spec/classes/tripleo_profile_base_snmp_spec.rb
new file mode 100644
index 0000000..c8a7074
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_snmp_spec.rb
@@ -0,0 +1,83 @@
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::snmp' do
+
+ shared_examples_for 'tripleo::profile::base::snmp' do
+ context 'with default configuration' do
+ let :params do
+ {
+ :snmpd_user => 'ro_snmp_user',
+ :snmpd_password => 'secrete',
+ :step => 4,
+ }
+ end
+
+ it 'should configure snmpd' do
+ is_expected.to contain_class('snmp').with(
+ :snmpd_config => [
+ 'createUser ro_snmp_user MD5 "secrete"',
+ 'rouser ro_snmp_user',
+ 'proc cron',
+ 'includeAllDisks 10%',
+ 'master agentx',
+ 'trapsink localhost public',
+ 'iquerySecName internalUser',
+ 'rouser internalUser',
+ 'defaultMonitors yes',
+ 'linkUpDownNotifications yes',
+ ]
+ )
+ end
+ end
+ context 'with snmpd_config setting' do
+ let :params do
+ {
+ :snmpd_user => 'ro_snmp_user',
+ :snmpd_password => 'secrete',
+ :snmpd_config => [
+ 'createUser ro_snmp_user MD5 "secrete"',
+ 'rouser ro_snmp_user',
+ 'proc neutron-server',
+ ],
+ :step => 4,
+ }
+ end
+
+ it 'should configure snmpd with custom parameters' do
+ is_expected.to contain_class('snmp').with(
+ :snmpd_config => [
+ 'createUser ro_snmp_user MD5 "secrete"',
+ 'rouser ro_snmp_user',
+ 'proc neutron-server',
+ ]
+ )
+ end
+ end
+ end
+
+ on_supported_os.each do |os, facts|
+ context "on #{os}" do
+ let(:facts) {
+ facts
+ }
+
+ it_behaves_like 'tripleo::profile::base::snmp'
+ end
+ end
+end