Commit c5b4d0d1 authored by Adam Lewenberg's avatar Adam Lewenberg

add support for qa kerberos environment

parent 7e41ce0e
release/005.006 (2017-02-16)
[kerberos] Add support for the new kerberos environment 'qa'. [adamhl]
release/005.005 (2017-02-02)
[kerberos] Add the option rdns_enabled so that Kerberos can be
......
......@@ -17,20 +17,23 @@
# **********************************************************************
#
#
# $krb_env: Which kerberos environment to use. Must be one of:
# 'prod', 'uat', or 'test'.
# $krb_env:
# Which kerberos environment to use. Must be one of:
# 'prod', 'uat', 'qa', or 'test'.
# Default: 'prod'
#
# $prefer_tcp: Normal kerberos traffic uses UDP, but some applications
# $prefer_tcp:
# Normal kerberos traffic uses UDP, but some applications
# (lookin' at you Java!) work better with TCP. Set this parameter to
# "true" to force the client to prefer TCP to UDP.
# Default: false
#
# $rdns_enabled: if 'true' have the Kerberos client do a reverse DNS
# lookup on the hostname when connecting to a server. This should be set
# to 'false' if you want the client to be able to connect to services where
# the service name's IP address PTR record may not match the hostname
# (e.g., for services running in Amazon Web Services).
# $rdns_enabled:
# If 'true' have the Kerberos client do a reverse DNS lookup on the
# hostname when connecting to a server. This should be set to 'false' if
# you want the client to be able to connect to services where the service
# name's IP address PTR record may not match the hostname (e.g., for
# services running in Amazon Web Services).
# Default: true
class base::kerberos(
$prefer_tcp = false,
......@@ -40,7 +43,7 @@ class base::kerberos(
# We only allow the 'prod', 'uat', and 'test' environments.
case $krb_env {
'prod', 'uat', 'test': {}
'prod', 'uat', 'test', 'qa': {}
default: { fail("unrecognized kerberos environment '${krb_env}'") }
}
......
......@@ -76,6 +76,14 @@ elsif (@krb_env == 'test') then
admin_server = kerberos-test.stanford.edu
kpasswd_server = kerberos-test.stanford.edu
<%
elsif (@krb_env == 'qa') then
-%>
kdc = kerberos-qa2.stanford.edu:88
kdc = kerberos-qa1.stanford.edu:88
master_kdc = master-kdc-qa.stanford.edu:88
admin_server = master-kdc-qa.stanford.edu
kpasswd_server = master-kdc-qa.stanford.edu
<%
else
if (@drSite) then
-%>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment