Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
B
base
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Lonlone Lee
base
Commits
c5b4d0d1
Commit
c5b4d0d1
authored
Feb 16, 2017
by
Adam Lewenberg
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
add support for qa kerberos environment
parent
7e41ce0e
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
24 additions
and
9 deletions
+24
-9
NEWS
NEWS
+4
-0
manifests/kerberos.pp
manifests/kerberos.pp
+12
-9
templates/kerberos/krb5.conf.erb
templates/kerberos/krb5.conf.erb
+8
-0
No files found.
NEWS
View file @
c5b4d0d1
release
/
005.006
(
2017
-
02
-
16
)
[
kerberos
]
Add
support
for
the
new
kerberos
environment
'qa'
.
[
adamhl
]
release
/
005.005
(
2017
-
02
-
02
)
[
kerberos
]
Add
the
option
rdns_enabled
so
that
Kerberos
can
be
...
...
manifests/kerberos.pp
View file @
c5b4d0d1
...
...
@@ -17,20 +17,23 @@
# **********************************************************************
#
#
# $krb_env: Which kerberos environment to use. Must be one of:
# 'prod', 'uat', or 'test'.
# $krb_env:
# Which kerberos environment to use. Must be one of:
# 'prod', 'uat', 'qa', or 'test'.
# Default: 'prod'
#
# $prefer_tcp: Normal kerberos traffic uses UDP, but some applications
# $prefer_tcp:
# Normal kerberos traffic uses UDP, but some applications
# (lookin' at you Java!) work better with TCP. Set this parameter to
# "true" to force the client to prefer TCP to UDP.
# Default: false
#
# $rdns_enabled: if 'true' have the Kerberos client do a reverse DNS
# lookup on the hostname when connecting to a server. This should be set
# to 'false' if you want the client to be able to connect to services where
# the service name's IP address PTR record may not match the hostname
# (e.g., for services running in Amazon Web Services).
# $rdns_enabled:
# If 'true' have the Kerberos client do a reverse DNS lookup on the
# hostname when connecting to a server. This should be set to 'false' if
# you want the client to be able to connect to services where the service
# name's IP address PTR record may not match the hostname (e.g., for
# services running in Amazon Web Services).
# Default: true
class
base::kerberos
(
$prefer_tcp
=
false
,
...
...
@@ -40,7 +43,7 @@ class base::kerberos(
# We only allow the 'prod', 'uat', and 'test' environments.
case
$krb_env
{
'prod'
,
'uat'
,
'test'
:
{}
'prod'
,
'uat'
,
'test'
,
'qa'
:
{}
default
:
{
fail
(
"unrecognized kerberos environment '
${krb_env}
'"
)
}
}
...
...
templates/kerberos/krb5.conf.erb
View file @
c5b4d0d1
...
...
@@ -76,6 +76,14 @@ elsif (@krb_env == 'test') then
admin_server = kerberos-test.stanford.edu
kpasswd_server = kerberos-test.stanford.edu
<%
elsif
(
@krb_env
==
'qa'
)
then
-%>
kdc = kerberos-qa2.stanford.edu:88
kdc = kerberos-qa1.stanford.edu:88
master_kdc = master-kdc-qa.stanford.edu:88
admin_server = master-kdc-qa.stanford.edu
kpasswd_server = master-kdc-qa.stanford.edu
<%
else
if
(
@drSite
)
then
-%>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
