summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--manifests/profile/base/aodh/api.pp2
-rw-r--r--manifests/profile/base/apache.pp43
-rw-r--r--manifests/profile/base/barbican/api.pp2
-rw-r--r--manifests/profile/base/ceilometer/api.pp2
-rw-r--r--manifests/profile/base/cinder/api.pp2
-rw-r--r--manifests/profile/base/gnocchi/api.pp2
-rw-r--r--manifests/profile/base/heat/api.pp2
-rw-r--r--manifests/profile/base/heat/api_cfn.pp2
-rw-r--r--manifests/profile/base/heat/api_cloudwatch.pp2
-rw-r--r--manifests/profile/base/horizon.pp3
-rw-r--r--manifests/profile/base/ironic/api.pp2
-rw-r--r--manifests/profile/base/keystone.pp2
-rw-r--r--manifests/profile/base/mistral/api.pp2
-rw-r--r--manifests/profile/base/nova/api.pp2
-rw-r--r--manifests/profile/base/nova/placement.pp2
-rw-r--r--manifests/profile/base/panko/api.pp2
-rw-r--r--manifests/profile/base/zaqar.pp2
-rw-r--r--spec/classes/tripleo_profile_base_apache_spec.rb73
18 files changed, 133 insertions, 16 deletions
diff --git a/manifests/profile/base/aodh/api.pp b/manifests/profile/base/aodh/api.pp
index d6ec32b..354490a 100644
--- a/manifests/profile/base/aodh/api.pp
+++ b/manifests/profile/base/aodh/api.pp
@@ -78,7 +78,7 @@ class tripleo::profile::base::aodh::api (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include ::aodh::api
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::aodh::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/apache.pp b/manifests/profile/base/apache.pp
new file mode 100644
index 0000000..b3ae1ff
--- /dev/null
+++ b/manifests/profile/base/apache.pp
@@ -0,0 +1,43 @@
+# Copyright 2017 Camptocamp SA.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class tripleo::profile::base::apache
+#
+# Common apache modules and configurationfor API listeners
+#
+# === Parameters
+#
+# [*enable_status_listener*]
+# Enable or not the localhost listener in httpd.
+# Accepted values: Boolean.
+# Default to false.
+#
+# [*status_listener*]
+# Where should apache listen for status page
+# Default to 127.0.0.1:80
+
+
+class tripleo::profile::base::apache(
+ Boolean $enable_status_listener = false,
+ String $status_listener = '127.0.0.1:80',
+) {
+ include ::apache::mod::status
+ include ::apache::mod::ssl
+
+ if $enable_status_listener {
+ if !defined(Apache::Listen[$status_listener]) {
+ ::apache::listen {$status_listener: }
+ }
+ }
+}
diff --git a/manifests/profile/base/barbican/api.pp b/manifests/profile/base/barbican/api.pp
index 48bf4b8..788bb5c 100644
--- a/manifests/profile/base/barbican/api.pp
+++ b/manifests/profile/base/barbican/api.pp
@@ -154,7 +154,7 @@ class tripleo::profile::base::barbican::api (
include ::barbican::api::logging
include ::barbican::keystone::notification
include ::barbican::quota
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::barbican::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/ceilometer/api.pp b/manifests/profile/base/ceilometer/api.pp
index 11c1da3..cd20507 100644
--- a/manifests/profile/base/ceilometer/api.pp
+++ b/manifests/profile/base/ceilometer/api.pp
@@ -76,7 +76,7 @@ class tripleo::profile::base::ceilometer::api (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include ::ceilometer::api
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::ceilometer::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp
index 892e4ed..5461a40 100644
--- a/manifests/profile/base/cinder/api.pp
+++ b/manifests/profile/base/cinder/api.pp
@@ -85,7 +85,7 @@ class tripleo::profile::base::cinder::api (
class { '::cinder::api':
keymgr_api_class => $keymgr_api_class,
}
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::cinder::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/gnocchi/api.pp b/manifests/profile/base/gnocchi/api.pp
index c958359..fdd0517 100644
--- a/manifests/profile/base/gnocchi/api.pp
+++ b/manifests/profile/base/gnocchi/api.pp
@@ -97,7 +97,7 @@ class tripleo::profile::base::gnocchi::api (
if $step >= 4 or ($step >= 3 and $sync_db) {
include ::gnocchi::api
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::gnocchi::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/heat/api.pp b/manifests/profile/base/heat/api.pp
index 2221b37..46435bf 100644
--- a/manifests/profile/base/heat/api.pp
+++ b/manifests/profile/base/heat/api.pp
@@ -76,7 +76,7 @@ class tripleo::profile::base::heat::api (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include ::heat::api
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::heat::wsgi::apache_api':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/heat/api_cfn.pp b/manifests/profile/base/heat/api_cfn.pp
index 1014b04..a2f3287 100644
--- a/manifests/profile/base/heat/api_cfn.pp
+++ b/manifests/profile/base/heat/api_cfn.pp
@@ -77,7 +77,7 @@ class tripleo::profile::base::heat::api_cfn (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include ::heat::api_cfn
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::heat::wsgi::apache_api_cfn':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/heat/api_cloudwatch.pp b/manifests/profile/base/heat/api_cloudwatch.pp
index 4caac9d..7e39028 100644
--- a/manifests/profile/base/heat/api_cloudwatch.pp
+++ b/manifests/profile/base/heat/api_cloudwatch.pp
@@ -77,7 +77,7 @@ class tripleo::profile::base::heat::api_cloudwatch (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include ::heat::api_cloudwatch
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::heat::wsgi::apache_api_cloudwatch':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/horizon.pp b/manifests/profile/base/horizon.pp
index 9441329..157d0c0 100644
--- a/manifests/profile/base/horizon.pp
+++ b/manifests/profile/base/horizon.pp
@@ -85,7 +85,8 @@ class tripleo::profile::base::horizon (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
# Horizon
include ::apache::mod::remoteip
- include ::apache::mod::status
+ include ::tripleo::profile::base::apache
+
if 'cisco_n1kv' in hiera('neutron::plugins::ml2::mechanism_drivers', undef) {
$_profile_support = 'cisco'
} else {
diff --git a/manifests/profile/base/ironic/api.pp b/manifests/profile/base/ironic/api.pp
index bbc91f5..78bf9db 100644
--- a/manifests/profile/base/ironic/api.pp
+++ b/manifests/profile/base/ironic/api.pp
@@ -75,7 +75,7 @@ class tripleo::profile::base::ironic::api (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include ::ironic::api
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::ironic::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp
index 6ce655e..ef91f1d 100644
--- a/manifests/profile/base/keystone.pp
+++ b/manifests/profile/base/keystone.pp
@@ -211,7 +211,7 @@ class tripleo::profile::base::keystone (
}
include ::keystone::config
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::keystone::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/mistral/api.pp b/manifests/profile/base/mistral/api.pp
index 2ab2d96..f13a44f 100644
--- a/manifests/profile/base/mistral/api.pp
+++ b/manifests/profile/base/mistral/api.pp
@@ -84,7 +84,7 @@ class tripleo::profile::base::mistral::api (
# Temporarily disable Mistral API deployed in WSGI
# https://bugs.launchpad.net/tripleo/+bug/1724607
if $mistral_api_wsgi_enabled {
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::mistral::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/nova/api.pp b/manifests/profile/base/nova/api.pp
index 2ff1add..d7764a5 100644
--- a/manifests/profile/base/nova/api.pp
+++ b/manifests/profile/base/nova/api.pp
@@ -134,7 +134,7 @@ class tripleo::profile::base::nova::api (
$tls_keyfile = undef
}
if $step >= 4 or ($step >= 3 and $sync_db) {
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::nova::wsgi::apache_api':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/nova/placement.pp b/manifests/profile/base/nova/placement.pp
index 48af39a..33e40b2 100644
--- a/manifests/profile/base/nova/placement.pp
+++ b/manifests/profile/base/nova/placement.pp
@@ -74,7 +74,7 @@ class tripleo::profile::base::nova::placement (
}
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::nova::wsgi::apache_placement':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/panko/api.pp b/manifests/profile/base/panko/api.pp
index 3b1b8d9..a5f9ed0 100644
--- a/manifests/profile/base/panko/api.pp
+++ b/manifests/profile/base/panko/api.pp
@@ -79,7 +79,7 @@ class tripleo::profile::base::panko::api (
class { '::panko::api':
sync_db => $sync_db,
}
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
class { '::panko::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
diff --git a/manifests/profile/base/zaqar.pp b/manifests/profile/base/zaqar.pp
index 573984d..8429c85 100644
--- a/manifests/profile/base/zaqar.pp
+++ b/manifests/profile/base/zaqar.pp
@@ -119,7 +119,7 @@ class tripleo::profile::base::zaqar (
}
include ::zaqar::transport::websocket
- include ::apache::mod::ssl
+ include ::tripleo::profile::base::apache
include ::zaqar::transport::wsgi
# TODO (bcrochet): At some point, the transports should be split out to
diff --git a/spec/classes/tripleo_profile_base_apache_spec.rb b/spec/classes/tripleo_profile_base_apache_spec.rb
new file mode 100644
index 0000000..8b3244f
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_apache_spec.rb
@@ -0,0 +1,73 @@
+#
+# Copyright (C) 2017 Camptocamp SA.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::apache' do
+ shared_examples_for 'tripleo::profile::base::apache' do
+
+ context 'with default params' do
+ it 'should trigger complete configuration' do
+ is_expected.to contain_class('apache::mod::status')
+ is_expected.to contain_class('apache::mod::ssl')
+ is_expected.to_not contain_apache__listen('127.0.0.1:80')
+ end
+ end
+
+ context 'Activate listener' do
+ let(:params) { {
+ :enable_status_listener => true,
+ } }
+
+ it 'should trigger complete configuration' do
+ is_expected.to contain_class('apache::mod::status')
+ is_expected.to contain_class('apache::mod::ssl')
+ is_expected.to contain_apache__listen('127.0.0.1:80')
+ end
+ end
+
+ context 'Change listener' do
+ let(:params) {{
+ :enable_status_listener => true,
+ :status_listener => '10.10.0.10:80',
+ }}
+ it 'should trigger complete configuration' do
+ is_expected.to contain_class('apache::mod::status')
+ is_expected.to contain_class('apache::mod::ssl')
+ is_expected.to contain_apache__listen('10.10.0.10:80')
+ end
+ end
+
+
+ context 'Provide wrong value for ensure_status_listener' do
+ let(:params) {{
+ :enable_status_listener => 'fooo',
+ }}
+ it { is_expected.to compile.and_raise_error(/expects a Boolean value/) }
+ end
+ end
+
+
+ on_supported_os.each do |os, facts|
+ context "on #{os}" do
+ let(:facts) do
+ facts.merge({ :hostname => 'node.example.com' })
+ end
+
+ it_behaves_like 'tripleo::profile::base::apache'
+ end
+ end
+end