manifests/post_config.pp

   1 # == Class opendaylight::post_config
   2 #
   3 # This class handles ODL config changes after ODL has come up.
   4 # These configuration changes do not require restart of ODL.
   5 # It's called from the opendaylight class.
   6 #
   7 class opendaylight::post_config {
   8   # Add trusted certs to ODL keystore
   9   $curl_post = "curl -k -X POST -o /dev/null --fail --silent -H 'Content-Type: application/json' -H 'Cache-Control: no-cache'"
  10   $cert_rest_url = "https://${opendaylight::odl_bind_ip}:${opendaylight::odl_rest_port}/restconf/operations/aaa-cert-rpc:setNodeCertifcate"
  11   if $opendaylight::enable_tls {
  12     if !empty($opendaylight::tls_trusted_certs) {
  13       $opendaylight::tls_trusted_certs.each |$idx, $cert| {
  14         $cert_data = convert_cert_to_string($cert)
  15         $rest_data = @("END":json/L)
  16           {\
  17             "aaa-cert-rpc:input": {\
  18             "aaa-cert-rpc:node-alias": "node${idx}",\
  19             "aaa-cert-rpc:node-cert": "${cert_data}"\
  20             }\
  21           }
  22           |-END
  23
  24         exec { "Add trusted cert: ${cert}":
  25           command   => "${curl_post} -u ${opendaylight::username}:${
  26             opendaylight::password} -d '${rest_data}' ${cert_rest_url}",
  27           tries     => 5,
  28           try_sleep => 30,
  29           path      => '/usr/sbin:/usr/bin:/sbin:/bin',
  30         }
  31       }
  32     }
  33   }
  34 }