Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Lonlone Lee
base
Commits
c5b4d0d1
Commit
c5b4d0d1
authored
Feb 16, 2017
by
Adam Lewenberg
Browse files
add support for qa kerberos environment
parent
7e41ce0e
Changes
3
Hide whitespace changes
Inline
Side-by-side
NEWS
View file @
c5b4d0d1
release
/
005.006
(
2017
-
02
-
16
)
[
kerberos
]
Add
support
for
the
new
kerberos
environment
'qa'
.
[
adamhl
]
release
/
005.005
(
2017
-
02
-
02
)
[
kerberos
]
Add
the
option
rdns_enabled
so
that
Kerberos
can
be
...
...
manifests/kerberos.pp
View file @
c5b4d0d1
...
...
@@ -17,20 +17,23 @@
# **********************************************************************
#
#
# $krb_env: Which kerberos environment to use. Must be one of:
# 'prod', 'uat', or 'test'.
# $krb_env:
# Which kerberos environment to use. Must be one of:
# 'prod', 'uat', 'qa', or 'test'.
# Default: 'prod'
#
# $prefer_tcp: Normal kerberos traffic uses UDP, but some applications
# $prefer_tcp:
# Normal kerberos traffic uses UDP, but some applications
# (lookin' at you Java!) work better with TCP. Set this parameter to
# "true" to force the client to prefer TCP to UDP.
# Default: false
#
# $rdns_enabled: if 'true' have the Kerberos client do a reverse DNS
# lookup on the hostname when connecting to a server. This should be set
# to 'false' if you want the client to be able to connect to services where
# the service name's IP address PTR record may not match the hostname
# (e.g., for services running in Amazon Web Services).
# $rdns_enabled:
# If 'true' have the Kerberos client do a reverse DNS lookup on the
# hostname when connecting to a server. This should be set to 'false' if
# you want the client to be able to connect to services where the service
# name's IP address PTR record may not match the hostname (e.g., for
# services running in Amazon Web Services).
# Default: true
class
base::kerberos
(
$prefer_tcp
=
false
,
...
...
@@ -40,7 +43,7 @@ class base::kerberos(
# We only allow the 'prod', 'uat', and 'test' environments.
case
$krb_env
{
'prod'
,
'uat'
,
'test'
:
{}
'prod'
,
'uat'
,
'test'
,
'qa'
:
{}
default
:
{
fail
(
"unrecognized kerberos environment '
${krb_env}
'"
)
}
}
...
...
templates/kerberos/krb5.conf.erb
View file @
c5b4d0d1
...
...
@@ -76,6 +76,14 @@ elsif (@krb_env == 'test') then
admin_server = kerberos-test.stanford.edu
kpasswd_server = kerberos-test.stanford.edu
<%
elsif
(
@krb_env
==
'qa'
)
then
-%>
kdc = kerberos-qa2.stanford.edu:88
kdc = kerberos-qa1.stanford.edu:88
master_kdc = master-kdc-qa.stanford.edu:88
admin_server = master-kdc-qa.stanford.edu
kpasswd_server = master-kdc-qa.stanford.edu
<%
else
if
(
@drSite
)
then
-%>
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment