Support manila-api deployment with Apache
Change-Id: Ib596f462592566683a5d84a8edf39ff7afe7fac0
This commit is contained in:
parent
8c73c1864a
commit
0a2687ab87
|
@ -29,6 +29,15 @@
|
|||
# (optional) Run db sync on the node
|
||||
# Defaults to true
|
||||
#
|
||||
# [*service_name*]
|
||||
# (optional) Name of the service that will be providing the
|
||||
# server functionality of manila-api.
|
||||
# If the value is 'httpd', this means manila-api will be a web
|
||||
# service, and you must use another class to configure that
|
||||
# web service. For example, use class { 'manila::wsgi::apache'...}
|
||||
# to make manila-api be a web app using apache mod_wsgi.
|
||||
# Defaults to '$::manila::params::api_service'
|
||||
#
|
||||
# [*manage_service*]
|
||||
# (optional) Whether to start/stop the service
|
||||
# Defaults to true
|
||||
|
@ -74,6 +83,7 @@ class manila::api (
|
|||
$enabled = true,
|
||||
$sync_db = true,
|
||||
$manage_service = true,
|
||||
$service_name = $::manila::params::api_service,
|
||||
$ratelimits = undef,
|
||||
$ratelimits_factory = 'manila.api.v1.limits:RateLimitingMiddleware.factory',
|
||||
$enable_proxy_headers_parsing = $::os_service_default,
|
||||
|
@ -82,7 +92,7 @@ class manila::api (
|
|||
# Deprecated
|
||||
$service_port = undef,
|
||||
$os_region_name = undef,
|
||||
) {
|
||||
) inherits manila::params {
|
||||
|
||||
include ::manila::deps
|
||||
include ::manila::params
|
||||
|
@ -119,14 +129,33 @@ class manila::api (
|
|||
}
|
||||
}
|
||||
|
||||
service { 'manila-api':
|
||||
ensure => $ensure,
|
||||
name => $::manila::params::api_service,
|
||||
enable => $enabled,
|
||||
hasstatus => true,
|
||||
tag => 'manila-service',
|
||||
}
|
||||
if $service_name == $::manila::params::api_service {
|
||||
service { 'manila-api':
|
||||
ensure => $ensure,
|
||||
name => $::manila::params::api_service,
|
||||
enable => $enabled,
|
||||
hasstatus => true,
|
||||
tag => 'manila-service',
|
||||
}
|
||||
|
||||
} elsif $service_name == 'httpd' {
|
||||
# We need to make sure manila-api/eventlet is stopped before trying to
|
||||
# start apache
|
||||
include ::apache::params
|
||||
service { 'manila-api':
|
||||
ensure => 'stopped',
|
||||
name => $::manila::params::api_service,
|
||||
enable => false,
|
||||
tag => ['manila-service'],
|
||||
}
|
||||
Service <| title == 'httpd' |> { tag +> 'manila-service' }
|
||||
|
||||
Service['manila-api'] -> Service[$service_name]
|
||||
} else {
|
||||
fail("Invalid service_name. Either use manila-api/openstack-manila-api \
|
||||
for running as a standalone service, or httpd for being run by a httpd \
|
||||
server.")
|
||||
}
|
||||
manila_config {
|
||||
'DEFAULT/osapi_share_listen': value => $bind_host;
|
||||
'DEFAULT/enabled_share_protocols': value => $enabled_share_protocols;
|
||||
|
|
|
@ -123,9 +123,6 @@ class manila::keystone::auth (
|
|||
$password_v2_real = $password_v2
|
||||
}
|
||||
|
||||
Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'manila-api' |>
|
||||
Keystone_user_role["${auth_name_v2}@${tenant}"] ~> Service <| name == 'manila-api' |>
|
||||
|
||||
keystone::resource::service_identity { 'manila':
|
||||
configure_user => true,
|
||||
configure_user_role => true,
|
||||
|
|
|
@ -27,6 +27,8 @@ class manila::params {
|
|||
$share_service = 'manila-share'
|
||||
$gluster_client_package_name = 'glusterfs-client'
|
||||
$gluster_package_name = 'glusterfs-common'
|
||||
$manila_wsgi_script_path = '/usr/lib/cgi-bin/manila'
|
||||
$manila_wsgi_script_source = '/usr/bin/manila-wsgi'
|
||||
}
|
||||
'RedHat': {
|
||||
$package_name = 'openstack-manila'
|
||||
|
@ -38,6 +40,8 @@ class manila::params {
|
|||
$share_service = 'openstack-manila-share'
|
||||
$gluster_client_package_name = 'glusterfs-fuse'
|
||||
$gluster_package_name = 'glusterfs'
|
||||
$manila_wsgi_script_path = '/var/www/cgi-bin/manila'
|
||||
$manila_wsgi_script_source = '/usr/bin/manila-wsgi'
|
||||
}
|
||||
default: {
|
||||
fail("unsupported osfamily ${::osfamily}, currently Debian and Redhat are the only supported platforms")
|
||||
|
|
|
@ -0,0 +1,164 @@
|
|||
# Copyright (C) 2018 Red Hat Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# Class to serve neutron API with apache mod_wsgi in place of manila-api
|
||||
# service.
|
||||
#
|
||||
# Serving manila API from apache is the recommended way to go for production
|
||||
# because of limited performance for concurrent accesses when running eventlet.
|
||||
#
|
||||
# When using this class you should disable your eventlet based manila-api
|
||||
# service.
|
||||
#
|
||||
# == Parameters
|
||||
#
|
||||
# [*servername*]
|
||||
# The servername for the virtualhost.
|
||||
# Optional. Defaults to $::fqdn
|
||||
#
|
||||
# [*port*]
|
||||
# The port.
|
||||
# Optional. Defaults to 8786
|
||||
#
|
||||
# [*bind_host*]
|
||||
# The host/ip address Apache will listen on.
|
||||
# Optional. Defaults to undef (listen on all ip addresses).
|
||||
#
|
||||
# [*path*]
|
||||
# The prefix for the endpoint.
|
||||
# Optional. Defaults to '/'
|
||||
#
|
||||
# [*ssl*]
|
||||
# Use ssl ? (boolean)
|
||||
# Optional. Defaults to true
|
||||
#
|
||||
# [*workers*]
|
||||
# Number of WSGI workers to spawn.
|
||||
# Optional. Defaults to $::os_workers
|
||||
#
|
||||
# [*priority*]
|
||||
# (optional) The priority for the vhost.
|
||||
# Defaults to '10'
|
||||
#
|
||||
# [*threads*]
|
||||
# (optional) The number of threads for the vhost.
|
||||
# Defaults to 1
|
||||
#
|
||||
# [*wsgi_process_display_name*]
|
||||
# (optional) Name of the WSGI process display-name.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*ssl_cert*]
|
||||
# [*ssl_key*]
|
||||
# [*ssl_chain*]
|
||||
# [*ssl_ca*]
|
||||
# [*ssl_crl_path*]
|
||||
# [*ssl_crl*]
|
||||
# [*ssl_certs_dir*]
|
||||
# apache::vhost ssl parameters.
|
||||
# Optional. Default to apache::vhost 'ssl_*' defaults.
|
||||
#
|
||||
# [*access_log_file*]
|
||||
# The log file name for the virtualhost.
|
||||
# Optional. Defaults to false.
|
||||
#
|
||||
# [*access_log_format*]
|
||||
# The log format for the virtualhost.
|
||||
# Optional. Defaults to false.
|
||||
#
|
||||
# [*error_log_file*]
|
||||
# The error log file name for the virtualhost.
|
||||
# Optional. Defaults to undef.
|
||||
#
|
||||
# [*custom_wsgi_process_options*]
|
||||
# (optional) gives you the opportunity to add custom process options or to
|
||||
# overwrite the default options for the WSGI main process.
|
||||
# eg. to use a virtual python environment for the WSGI process
|
||||
# you could set it to:
|
||||
# { python-path => '/my/python/virtualenv' }
|
||||
# Defaults to {}
|
||||
#
|
||||
# == Dependencies
|
||||
#
|
||||
# requires Class['apache'] & Class['manila']
|
||||
#
|
||||
# == Examples
|
||||
#
|
||||
# include apache
|
||||
#
|
||||
# class { 'manila::wsgi::apache': }
|
||||
#
|
||||
|
||||
class manila::wsgi::apache (
|
||||
$servername = $::fqdn,
|
||||
$port = 8786,
|
||||
$bind_host = undef,
|
||||
$path = '/',
|
||||
$ssl = true,
|
||||
$workers = $::os_workers,
|
||||
$ssl_cert = undef,
|
||||
$ssl_key = undef,
|
||||
$ssl_chain = undef,
|
||||
$ssl_ca = undef,
|
||||
$ssl_crl_path = undef,
|
||||
$ssl_crl = undef,
|
||||
$ssl_certs_dir = undef,
|
||||
$wsgi_process_display_name = undef,
|
||||
$threads = 1,
|
||||
$priority = '10',
|
||||
$access_log_file = false,
|
||||
$access_log_format = false,
|
||||
$error_log_file = undef,
|
||||
$custom_wsgi_process_options = {},
|
||||
) {
|
||||
|
||||
include ::manila::deps
|
||||
include ::manila::params
|
||||
include ::apache
|
||||
include ::apache::mod::wsgi
|
||||
if $ssl {
|
||||
include ::apache::mod::ssl
|
||||
}
|
||||
|
||||
::openstacklib::wsgi::apache { 'manila_wsgi':
|
||||
bind_host => $bind_host,
|
||||
bind_port => $port,
|
||||
group => 'manila',
|
||||
path => $path,
|
||||
priority => $priority,
|
||||
servername => $servername,
|
||||
ssl => $ssl,
|
||||
ssl_ca => $ssl_ca,
|
||||
ssl_cert => $ssl_cert,
|
||||
ssl_certs_dir => $ssl_certs_dir,
|
||||
ssl_chain => $ssl_chain,
|
||||
ssl_crl => $ssl_crl,
|
||||
ssl_crl_path => $ssl_crl_path,
|
||||
ssl_key => $ssl_key,
|
||||
threads => $threads,
|
||||
user => 'manila',
|
||||
workers => $workers,
|
||||
wsgi_daemon_process => 'manila-api',
|
||||
wsgi_process_display_name => $wsgi_process_display_name,
|
||||
wsgi_process_group => 'manila-api',
|
||||
wsgi_script_dir => $::manila::params::manila_wsgi_script_path,
|
||||
wsgi_script_file => 'manila-api',
|
||||
wsgi_script_source => $::manila::params::manila_wsgi_script_source,
|
||||
custom_wsgi_process_options => $custom_wsgi_process_options,
|
||||
access_log_file => $access_log_file,
|
||||
access_log_format => $access_log_format,
|
||||
error_log_file => $error_log_file,
|
||||
require => Anchor['manila::install::end'],
|
||||
}
|
||||
}
|
|
@ -28,6 +28,10 @@
|
|||
{
|
||||
"name": "openstack/oslo",
|
||||
"version_requirement": ">=13.3.0 <14.0.0"
|
||||
},
|
||||
{
|
||||
"name": "puppetlabs/apache",
|
||||
"version_requirement": ">=3.0.0"
|
||||
}
|
||||
],
|
||||
"description": "Installs and configures OpenStack Manila (Shared Filesystems).",
|
||||
|
@ -75,4 +79,4 @@
|
|||
"source": "git://github.com/openstack/puppet-manila.git",
|
||||
"summary": "Puppet module for OpenStack Manila",
|
||||
"version": "13.3.0"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The manila API service can now be installed with Apache, instead of the
|
||||
package-provided built-in eventlet based wsgi server. Set
|
||||
$manila::api::service_name to 'httpd' to run the Manila API as
|
||||
virtual host on an apache based web server.
|
|
@ -47,7 +47,13 @@ describe 'basic manila' do
|
|||
class { '::manila::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::manila::api': }
|
||||
class { '::manila::api':
|
||||
service_name => 'httpd',
|
||||
}
|
||||
include ::apache
|
||||
class { '::manila::wsgi::apache':
|
||||
ssl => false,
|
||||
}
|
||||
class { '::manila::scheduler': }
|
||||
|
||||
# missing: backends, share, service_instance
|
||||
|
@ -60,7 +66,7 @@ describe 'basic manila' do
|
|||
end
|
||||
|
||||
describe port(8786) do
|
||||
it { is_expected.to be_listening.with('tcp') }
|
||||
it { is_expected.to be_listening }
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -12,7 +12,11 @@ describe 'manila::api' do
|
|||
end
|
||||
|
||||
let :facts do
|
||||
@default_facts.merge({:osfamily => 'Debian'})
|
||||
@default_facts.merge({
|
||||
:osfamily => 'Debian',
|
||||
:operatingsystem => 'Debian',
|
||||
:operatingsystemrelease => 'jessie'
|
||||
})
|
||||
end
|
||||
|
||||
describe 'with only required params' do
|
||||
|
@ -20,12 +24,13 @@ describe 'manila::api' do
|
|||
req_params
|
||||
end
|
||||
|
||||
it { is_expected.to contain_class('manila::policy') }
|
||||
it { is_expected.to contain_service('manila-api').with(
|
||||
'hasstatus' => true,
|
||||
'ensure' => 'running',
|
||||
'tag' => 'manila-service',
|
||||
)}
|
||||
it { is_expected.to contain_class('manila::policy') }
|
||||
|
||||
|
||||
it 'should configure manila api correctly' do
|
||||
is_expected.to contain_manila_config('DEFAULT/auth_strategy').with(:value => 'keystone')
|
||||
|
@ -135,4 +140,42 @@ describe 'manila::api' do
|
|||
)}
|
||||
end
|
||||
|
||||
describe 'when running manila-api in wsgi' do
|
||||
let :params do
|
||||
req_params.merge!({ :service_name => 'httpd' })
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
"include ::apache
|
||||
class { 'manila': }
|
||||
class { '::manila::keystone::authtoken':
|
||||
password => 'foo',
|
||||
}"
|
||||
end
|
||||
|
||||
it 'configures manila-api service with Apache' do
|
||||
is_expected.to contain_service('manila-api').with(
|
||||
:ensure => 'stopped',
|
||||
:enable => false,
|
||||
:tag => ['manila-service'],
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'when service_name is not valid' do
|
||||
let :params do
|
||||
req_params.merge!({ :service_name => 'foobar' })
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
"include ::apache
|
||||
class { 'manila': }
|
||||
class { '::manila::keystone::authtoken':
|
||||
password => 'foo',
|
||||
}"
|
||||
end
|
||||
|
||||
it_raises 'a Puppet::Error', /Invalid service_name/
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -0,0 +1,112 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'manila::wsgi::apache' do
|
||||
|
||||
shared_examples_for 'apache serving manila with mod_wsgi' do
|
||||
context 'with default parameters' do
|
||||
it { is_expected.to contain_class('manila::params') }
|
||||
it { is_expected.to contain_class('apache') }
|
||||
it { is_expected.to contain_class('apache::mod::wsgi') }
|
||||
it { is_expected.to contain_class('apache::mod::ssl') }
|
||||
it { is_expected.to contain_openstacklib__wsgi__apache('manila_wsgi').with(
|
||||
:bind_port => 8786,
|
||||
:group => 'manila',
|
||||
:path => '/',
|
||||
:servername => facts[:fqdn],
|
||||
:ssl => true,
|
||||
:threads => 1,
|
||||
:user => 'manila',
|
||||
:workers => facts[:os_workers],
|
||||
:wsgi_daemon_process => 'manila-api',
|
||||
:wsgi_process_group => 'manila-api',
|
||||
:wsgi_script_dir => platform_params[:wsgi_script_path],
|
||||
:wsgi_script_file => 'manila-api',
|
||||
:wsgi_script_source => platform_params[:wsgi_script_source],
|
||||
:custom_wsgi_process_options => {},
|
||||
:access_log_file => false,
|
||||
:access_log_format => false,
|
||||
)}
|
||||
end
|
||||
|
||||
context'when overriding parameters using different ports' do
|
||||
let :params do
|
||||
{
|
||||
:servername => 'dummy.host',
|
||||
:bind_host => '10.42.51.1',
|
||||
:port => 12345,
|
||||
:ssl => false,
|
||||
:wsgi_process_display_name => 'manila-api',
|
||||
:workers => 37,
|
||||
:custom_wsgi_process_options => {
|
||||
'python_path' => '/my/python/admin/path',
|
||||
},
|
||||
:access_log_file => '/var/log/httpd/access_log',
|
||||
:access_log_format => 'some format',
|
||||
:error_log_file => '/var/log/httpd/error_log'
|
||||
}
|
||||
end
|
||||
it { is_expected.to contain_class('manila::params') }
|
||||
it { is_expected.to contain_class('apache') }
|
||||
it { is_expected.to contain_class('apache::mod::wsgi') }
|
||||
it { is_expected.to_not contain_class('apache::mod::ssl') }
|
||||
it { is_expected.to contain_openstacklib__wsgi__apache('manila_wsgi').with(
|
||||
:bind_host => '10.42.51.1',
|
||||
:bind_port => 12345,
|
||||
:group => 'manila',
|
||||
:path => '/',
|
||||
:servername => 'dummy.host',
|
||||
:ssl => false,
|
||||
:threads => 1,
|
||||
:user => 'manila',
|
||||
:workers => 37,
|
||||
:wsgi_daemon_process => 'manila-api',
|
||||
:wsgi_process_display_name => 'manila-api',
|
||||
:wsgi_process_group => 'manila-api',
|
||||
:wsgi_script_dir => platform_params[:wsgi_script_path],
|
||||
:wsgi_script_file => 'manila-api',
|
||||
:wsgi_script_source => platform_params[:wsgi_script_source],
|
||||
:custom_wsgi_process_options => {
|
||||
'python_path' => '/my/python/admin/path',
|
||||
},
|
||||
:access_log_file => '/var/log/httpd/access_log',
|
||||
:access_log_format => 'some format',
|
||||
:error_log_file => '/var/log/httpd/error_log'
|
||||
)}
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
let (:facts) do
|
||||
facts.merge!(OSDefaults.get_facts({
|
||||
:os_workers => 42,
|
||||
:concat_basedir => '/var/lib/puppet/concat',
|
||||
:fqdn => 'some.host.tld',
|
||||
}))
|
||||
end
|
||||
|
||||
let(:platform_params) do
|
||||
case facts[:osfamily]
|
||||
when 'Debian'
|
||||
{
|
||||
:httpd_service_name => 'apache2',
|
||||
:httpd_ports_file => '/etc/apache2/ports.conf',
|
||||
:wsgi_script_path => '/usr/lib/cgi-bin/manila',
|
||||
:wsgi_script_source => '/usr/bin/manila-wsgi'
|
||||
}
|
||||
when 'RedHat'
|
||||
{
|
||||
:httpd_service_name => 'httpd',
|
||||
:httpd_ports_file => '/etc/httpd/conf/ports.conf',
|
||||
:wsgi_script_path => '/var/www/cgi-bin/manila',
|
||||
:wsgi_script_source => '/usr/bin/manila-wsgi'
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
it_behaves_like 'apache serving manila with mod_wsgi'
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue