diff options
-rw-r--r-- | manifests/profile/base/aodh/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/apache.pp | 43 | ||||
-rw-r--r-- | manifests/profile/base/barbican/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/ceilometer/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/cinder/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/gnocchi/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/heat/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/heat/api_cfn.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/heat/api_cloudwatch.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/horizon.pp | 3 | ||||
-rw-r--r-- | manifests/profile/base/ironic/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/keystone.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/mistral/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/nova/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/nova/placement.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/panko/api.pp | 2 | ||||
-rw-r--r-- | manifests/profile/base/zaqar.pp | 2 | ||||
-rw-r--r-- | spec/classes/tripleo_profile_base_apache_spec.rb | 73 |
18 files changed, 133 insertions, 16 deletions
diff --git a/manifests/profile/base/aodh/api.pp b/manifests/profile/base/aodh/api.pp index d6ec32b..354490a 100644 --- a/manifests/profile/base/aodh/api.pp +++ b/manifests/profile/base/aodh/api.pp @@ -78,7 +78,7 @@ class tripleo::profile::base::aodh::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::aodh::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::aodh::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/apache.pp b/manifests/profile/base/apache.pp new file mode 100644 index 0000000..b3ae1ff --- /dev/null +++ b/manifests/profile/base/apache.pp @@ -0,0 +1,43 @@ +# Copyright 2017 Camptocamp SA. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class tripleo::profile::base::apache +# +# Common apache modules and configurationfor API listeners +# +# === Parameters +# +# [*enable_status_listener*] +# Enable or not the localhost listener in httpd. +# Accepted values: Boolean. +# Default to false. +# +# [*status_listener*] +# Where should apache listen for status page +# Default to 127.0.0.1:80 + + +class tripleo::profile::base::apache( + Boolean $enable_status_listener = false, + String $status_listener = '127.0.0.1:80', +) { + include ::apache::mod::status + include ::apache::mod::ssl + + if $enable_status_listener { + if !defined(Apache::Listen[$status_listener]) { + ::apache::listen {$status_listener: } + } + } +} diff --git a/manifests/profile/base/barbican/api.pp b/manifests/profile/base/barbican/api.pp index 48bf4b8..788bb5c 100644 --- a/manifests/profile/base/barbican/api.pp +++ b/manifests/profile/base/barbican/api.pp @@ -154,7 +154,7 @@ class tripleo::profile::base::barbican::api ( include ::barbican::api::logging include ::barbican::keystone::notification include ::barbican::quota - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::barbican::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/ceilometer/api.pp b/manifests/profile/base/ceilometer/api.pp index 11c1da3..cd20507 100644 --- a/manifests/profile/base/ceilometer/api.pp +++ b/manifests/profile/base/ceilometer/api.pp @@ -76,7 +76,7 @@ class tripleo::profile::base::ceilometer::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::ceilometer::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::ceilometer::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp index 892e4ed..5461a40 100644 --- a/manifests/profile/base/cinder/api.pp +++ b/manifests/profile/base/cinder/api.pp @@ -85,7 +85,7 @@ class tripleo::profile::base::cinder::api ( class { '::cinder::api': keymgr_api_class => $keymgr_api_class, } - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::cinder::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/gnocchi/api.pp b/manifests/profile/base/gnocchi/api.pp index c958359..fdd0517 100644 --- a/manifests/profile/base/gnocchi/api.pp +++ b/manifests/profile/base/gnocchi/api.pp @@ -97,7 +97,7 @@ class tripleo::profile::base::gnocchi::api ( if $step >= 4 or ($step >= 3 and $sync_db) { include ::gnocchi::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::gnocchi::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/heat/api.pp b/manifests/profile/base/heat/api.pp index 2221b37..46435bf 100644 --- a/manifests/profile/base/heat/api.pp +++ b/manifests/profile/base/heat/api.pp @@ -76,7 +76,7 @@ class tripleo::profile::base::heat::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::heat::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::heat::wsgi::apache_api': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/heat/api_cfn.pp b/manifests/profile/base/heat/api_cfn.pp index 1014b04..a2f3287 100644 --- a/manifests/profile/base/heat/api_cfn.pp +++ b/manifests/profile/base/heat/api_cfn.pp @@ -77,7 +77,7 @@ class tripleo::profile::base::heat::api_cfn ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::heat::api_cfn - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::heat::wsgi::apache_api_cfn': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/heat/api_cloudwatch.pp b/manifests/profile/base/heat/api_cloudwatch.pp index 4caac9d..7e39028 100644 --- a/manifests/profile/base/heat/api_cloudwatch.pp +++ b/manifests/profile/base/heat/api_cloudwatch.pp @@ -77,7 +77,7 @@ class tripleo::profile::base::heat::api_cloudwatch ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::heat::api_cloudwatch - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::heat::wsgi::apache_api_cloudwatch': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/horizon.pp b/manifests/profile/base/horizon.pp index 9441329..157d0c0 100644 --- a/manifests/profile/base/horizon.pp +++ b/manifests/profile/base/horizon.pp @@ -85,7 +85,8 @@ class tripleo::profile::base::horizon ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { # Horizon include ::apache::mod::remoteip - include ::apache::mod::status + include ::tripleo::profile::base::apache + if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers', undef) { $_profile_support = 'cisco' } else { diff --git a/manifests/profile/base/ironic/api.pp b/manifests/profile/base/ironic/api.pp index bbc91f5..78bf9db 100644 --- a/manifests/profile/base/ironic/api.pp +++ b/manifests/profile/base/ironic/api.pp @@ -75,7 +75,7 @@ class tripleo::profile::base::ironic::api ( if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { include ::ironic::api - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::ironic::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index 6dd271e..efc229c 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -222,7 +222,7 @@ class tripleo::profile::base::keystone ( } include ::keystone::config - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::keystone::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/mistral/api.pp b/manifests/profile/base/mistral/api.pp index 2ab2d96..f13a44f 100644 --- a/manifests/profile/base/mistral/api.pp +++ b/manifests/profile/base/mistral/api.pp @@ -84,7 +84,7 @@ class tripleo::profile::base::mistral::api ( # Temporarily disable Mistral API deployed in WSGI # https://bugs.launchpad.net/tripleo/+bug/1724607 if $mistral_api_wsgi_enabled { - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::mistral::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/nova/api.pp b/manifests/profile/base/nova/api.pp index 2ff1add..d7764a5 100644 --- a/manifests/profile/base/nova/api.pp +++ b/manifests/profile/base/nova/api.pp @@ -134,7 +134,7 @@ class tripleo::profile::base::nova::api ( $tls_keyfile = undef } if $step >= 4 or ($step >= 3 and $sync_db) { - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::nova::wsgi::apache_api': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/nova/placement.pp b/manifests/profile/base/nova/placement.pp index 48af39a..33e40b2 100644 --- a/manifests/profile/base/nova/placement.pp +++ b/manifests/profile/base/nova/placement.pp @@ -74,7 +74,7 @@ class tripleo::profile::base::nova::placement ( } if $step >= 4 or ( $step >= 3 and $is_bootstrap ) { - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::nova::wsgi::apache_placement': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/panko/api.pp b/manifests/profile/base/panko/api.pp index 3b1b8d9..a5f9ed0 100644 --- a/manifests/profile/base/panko/api.pp +++ b/manifests/profile/base/panko/api.pp @@ -79,7 +79,7 @@ class tripleo::profile::base::panko::api ( class { '::panko::api': sync_db => $sync_db, } - include ::apache::mod::ssl + include ::tripleo::profile::base::apache class { '::panko::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, diff --git a/manifests/profile/base/zaqar.pp b/manifests/profile/base/zaqar.pp index 573984d..8429c85 100644 --- a/manifests/profile/base/zaqar.pp +++ b/manifests/profile/base/zaqar.pp @@ -119,7 +119,7 @@ class tripleo::profile::base::zaqar ( } include ::zaqar::transport::websocket - include ::apache::mod::ssl + include ::tripleo::profile::base::apache include ::zaqar::transport::wsgi # TODO (bcrochet): At some point, the transports should be split out to diff --git a/spec/classes/tripleo_profile_base_apache_spec.rb b/spec/classes/tripleo_profile_base_apache_spec.rb new file mode 100644 index 0000000..8b3244f --- /dev/null +++ b/spec/classes/tripleo_profile_base_apache_spec.rb @@ -0,0 +1,73 @@ +# +# Copyright (C) 2017 Camptocamp SA. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::apache' do + shared_examples_for 'tripleo::profile::base::apache' do + + context 'with default params' do + it 'should trigger complete configuration' do + is_expected.to contain_class('apache::mod::status') + is_expected.to contain_class('apache::mod::ssl') + is_expected.to_not contain_apache__listen('127.0.0.1:80') + end + end + + context 'Activate listener' do + let(:params) { { + :enable_status_listener => true, + } } + + it 'should trigger complete configuration' do + is_expected.to contain_class('apache::mod::status') + is_expected.to contain_class('apache::mod::ssl') + is_expected.to contain_apache__listen('127.0.0.1:80') + end + end + + context 'Change listener' do + let(:params) {{ + :enable_status_listener => true, + :status_listener => '10.10.0.10:80', + }} + it 'should trigger complete configuration' do + is_expected.to contain_class('apache::mod::status') + is_expected.to contain_class('apache::mod::ssl') + is_expected.to contain_apache__listen('10.10.0.10:80') + end + end + + + context 'Provide wrong value for ensure_status_listener' do + let(:params) {{ + :enable_status_listener => 'fooo', + }} + it { is_expected.to compile.and_raise_error(/expects a Boolean value/) } + end + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::apache' + end + end +end |