diff options
author | Cédric Jeanneret <cedric.jeanneret@camptocamp.com> | 2017-10-19 08:32:09 +0200 |
---|---|---|
committer | Cédric Jeanneret <cedric.jeanneret@camptocamp.com> | 2017-11-13 12:03:28 +0000 |
commit | 8eafd014a8c01826d50c12444271973aace8961b (patch) | |
tree | c9a7182b76a06f1ca485487bd3e53c933f12f83c | |
parent | f2b1ec7ee9c70563ed682c314910c8fd4c6871aa (diff) |
Create dedicated "apache" base profile
This profile has multiple purposes:
- group common httpd configurations/instructions
- correct a small issue with the "status" mod
Until now, only Horizon was specifically including this mode, and as
httpd wasn't listening on localhost, it wasn't in use at all.
With this commit, all API using apache will be able to provide the httpd
server status on 127.0.0.1/server-status.
Change-Id: If6d64f807c244d7e56852a67ac7dbad26c4c002f
Closes-Bug: 1724751
(cherry picked from commit 0933bc5fd896ac2474872bb1b4b217ad8f430885)
-rw-r--r-- | manifests/profile/base/aodh/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/apache.pp | 43 | ||||
-rw-r--r-- | manifests/profile/base/barbican/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/ceilometer/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/cinder/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/gnocchi/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/heat/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/heat/api_cfn.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/heat/api_cloudwatch.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/horizon.pp | 3 | ||||
-rw-r--r-- | manifests/profile/base/ironic/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/keystone.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/mistral/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/nova/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/nova/placement.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/panko/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/zaqar.pp | 2 | ||||
-rw-r--r-- | spec/classes/tripleo_profile_base_apache_spec.rb | 73 |
18 files changed, 133 insertions, 16 deletions
diff --git a/manifests/profile/base/aodh/api.pp b/manifests/profile/base/aodh/api.pp index d6ec32b..354490a 100644 --- a/manifests/profile/base/aodh/api.pp +++ b/manifests/profile/base/aodh/api.pp @@ -78,7 +78,7 @@ class tripleo::profile::base::aodh::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::aodh::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::aodh::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/apache.pp b/manifests/profile/base/apache.pp new file mode 100644 index 0000000..b3ae1ff --- /dev/null +++ b/manifests/profile/base/apache.pp @@ -0,0 +1,43 @@ +# Copyright 2017 Camptocamp SA. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class tripleo::profile::base::apache +# +# Common apache modules and configurationfor API listeners +# +# === Parameters +# +# [*enable_status_listener*] +# Enable or not the localhost listener in httpd. +# Accepted values: Boolean. +# Default to false. +# +# [*status_listener*] +# Where should apache listen for status page +# Default to 127.0.0.1:80 + + +class tripleo::profile::base::apache( + Boolean $enable_status_listener = false, + String $status_listener = '127.0.0.1:80', +) { + include ::apache::mod::status + include ::apache::mod::ssl + + if $enable_status_listener { + if !defined(Apache::Listen[$status_listener]) { + ::apache::listen {$status_listener: } + } + } +} diff --git a/manifests/profile/base/barbican/api.pp b/manifests/profile/base/barbican/api.pp index 48bf4b8..788bb5c 100644 --- a/manifests/profile/base/barbican/api.pp +++ b/manifests/profile/base/barbican/api.pp @@ -154,7 +154,7 @@ class tripleo::profile::base::barbican::api ( include ::barbican::api::logging include ::barbican::keystone::notification include ::barbican::quota - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::barbican::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/ceilometer/api.pp b/manifests/profile/base/ceilometer/api.pp index 11c1da3..cd20507 100644 --- a/manifests/profile/base/ceilometer/api.pp +++ b/manifests/profile/base/ceilometer/api.pp @@ -76,7 +76,7 @@ class tripleo::profile::base::ceilometer::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::ceilometer::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::ceilometer::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp index 892e4ed..5461a40 100644 --- a/manifests/profile/base/cinder/api.pp +++ b/manifests/profile/base/cinder/api.pp @@ -85,7 +85,7 @@ class tripleo::profile::base::cinder::api ( class { '::cinder::api': keymgr_api_class => $keymgr_api_class, } - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::cinder::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/gnocchi/api.pp b/manifests/profile/base/gnocchi/api.pp index c958359..fdd0517 100644 --- a/manifests/profile/base/gnocchi/api.pp +++ b/manifests/profile/base/gnocchi/api.pp @@ -97,7 +97,7 @@ class tripleo::profile::base::gnocchi::api ( if $step >= 4 or ($step >= 3 and $sync_db) { include ::gnocchi::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::gnocchi::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/heat/api.pp b/manifests/profile/base/heat/api.pp index 2221b37..46435bf 100644 --- a/manifests/profile/base/heat/api.pp +++ b/manifests/profile/base/heat/api.pp @@ -76,7 +76,7 @@ class tripleo::profile::base::heat::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::heat::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::heat::wsgi::apache_api': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/heat/api_cfn.pp b/manifests/profile/base/heat/api_cfn.pp index 1014b04..a2f3287 100644 --- a/manifests/profile/base/heat/api_cfn.pp +++ b/manifests/profile/base/heat/api_cfn.pp @@ -77,7 +77,7 @@ class tripleo::profile::base::heat::api_cfn ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::heat::api_cfn - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::heat::wsgi::apache_api_cfn': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/heat/api_cloudwatch.pp b/manifests/profile/base/heat/api_cloudwatch.pp index 4caac9d..7e39028 100644 --- a/manifests/profile/base/heat/api_cloudwatch.pp +++ b/manifests/profile/base/heat/api_cloudwatch.pp @@ -77,7 +77,7 @@ class tripleo::profile::base::heat::api_cloudwatch ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::heat::api_cloudwatch - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::heat::wsgi::apache_api_cloudwatch': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/horizon.pp b/manifests/profile/base/horizon.pp index 9441329..157d0c0 100644 --- a/manifests/profile/base/horizon.pp +++ b/manifests/profile/base/horizon.pp @@ -85,7 +85,8 @@ class tripleo::profile::base::horizon ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { # Horizon include ::apache::mod::remoteip - include ::apache::mod::status + include ::tripleo::profile::base::apache + if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers', undef) { $_profile_support = 'cisco' } else { diff --git a/manifests/profile/base/ironic/api.pp b/manifests/profile/base/ironic/api.pp index bbc91f5..78bf9db 100644 --- a/manifests/profile/base/ironic/api.pp +++ b/manifests/profile/base/ironic/api.pp @@ -75,7 +75,7 @@ class tripleo::profile::base::ironic::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::ironic::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::ironic::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index 6ce655e..ef91f1d 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -211,7 +211,7 @@ class tripleo::profile::base::keystone ( } include ::keystone::config - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::keystone::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/mistral/api.pp b/manifests/profile/base/mistral/api.pp index 2ab2d96..f13a44f 100644 --- a/manifests/profile/base/mistral/api.pp +++ b/manifests/profile/base/mistral/api.pp @@ -84,7 +84,7 @@ class tripleo::profile::base::mistral::api ( # Temporarily disable Mistral API deployed in WSGI # https://bugs.launchpad.net/tripleo/+bug/1724607 if $mistral_api_wsgi_enabled { - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::mistral::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/nova/api.pp b/manifests/profile/base/nova/api.pp index 2ff1add..d7764a5 100644 --- a/manifests/profile/base/nova/api.pp +++ b/manifests/profile/base/nova/api.pp @@ -134,7 +134,7 @@ class tripleo::profile::base::nova::api ( $tls_keyfile = undef } if $step >= 4 or ($step >= 3 and $sync_db) { - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::nova::wsgi::apache_api': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/nova/placement.pp b/manifests/profile/base/nova/placement.pp index 48af39a..33e40b2 100644 --- a/manifests/profile/base/nova/placement.pp +++ b/manifests/profile/base/nova/placement.pp @@ -74,7 +74,7 @@ class tripleo::profile::base::nova::placement ( } if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::nova::wsgi::apache_placement': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/panko/api.pp b/manifests/profile/base/panko/api.pp index 3b1b8d9..a5f9ed0 100644 --- a/manifests/profile/base/panko/api.pp +++ b/manifests/profile/base/panko/api.pp @@ -79,7 +79,7 @@ class tripleo::profile::base::panko::api ( class { '::panko::api': sync_db => $sync_db, } - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::panko::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/zaqar.pp b/manifests/profile/base/zaqar.pp index 573984d..8429c85 100644 --- a/manifests/profile/base/zaqar.pp +++ b/manifests/profile/base/zaqar.pp @@ -119,7 +119,7 @@ class tripleo::profile::base::zaqar ( } include ::zaqar::transport::websocket - include ::apache::mod::ssl + include ::tripleo::profile::base::apache include ::zaqar::transport::wsgi # TODO (bcrochet): At some point, the transports should be split out to diff --git a/spec/classes/tripleo_profile_base_apache_spec.rb b/spec/classes/tripleo_profile_base_apache_spec.rb new file mode 100644 index 0000000..8b3244f --- /dev/null +++ b/spec/classes/tripleo_profile_base_apache_spec.rb @@ -0,0 +1,73 @@ +# +# Copyright (C) 2017 Camptocamp SA. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::apache' do + shared_examples_for 'tripleo::profile::base::apache' do + + context 'with default params' do + it 'should trigger complete configuration' do + is_expected.to contain_class('apache::mod::status') + is_expected.to contain_class('apache::mod::ssl') + is_expected.to_not contain_apache__listen('127.0.0.1:80') + end + end + + context 'Activate listener' do + let(:params) { { + :enable_status_listener => true, + } } + + it 'should trigger complete configuration' do + is_expected.to contain_class('apache::mod::status') + is_expected.to contain_class('apache::mod::ssl') + is_expected.to contain_apache__listen('127.0.0.1:80') + end + end + + context 'Change listener' do + let(:params) {{ + :enable_status_listener => true, + :status_listener => '10.10.0.10:80', + }} + it 'should trigger complete configuration' do + is_expected.to contain_class('apache::mod::status') + is_expected.to contain_class('apache::mod::ssl') + is_expected.to contain_apache__listen('10.10.0.10:80') + end + end + + + context 'Provide wrong value for ensure_status_listener' do + let(:params) {{ + :enable_status_listener => 'fooo', + }} + it { is_expected.to compile.and_raise_error(/expects a Boolean value/) } + end + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::apache' + end + end +end |