openstack
/
charm-keystone
Code Issues Proposed changes

Add support for HAProxy L7 checks 

This change add several configuration options to enable HTTP checks
to the HAProxy configuration, instead of the default TCP connection
checks (which continue to be the default)

Closes-Bug: #1880610
Change-Id: I50a9442ae66da71793a5e9904d23c26d1fbbdf42
This commit is contained in:
Gabriel Cocenza 2023-02-15 19:09:25 -03:00 committed by Gabriel Angelo Sgarbi Cocenza
parent b5c4eb2eae
commit 04480c4ff4
3 changed files with 27 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
hooks/keystone_context.py
View File

@ -163,10 +163,22 @@ class HAProxyContext(context.HAProxyContext):
api_port('keystone-public'), a_public_port], api_port('keystone-public'), a_public_port],
} }
healthcheck = [{
'option': 'httpchk GET /healthcheck',
'http-check': 'expect status 200',
}]
backend_options = {
'admin-port': healthcheck,
'public-port': healthcheck,
}
# for haproxy.conf # for haproxy.conf
ctxt['service_ports'] = port_mapping ctxt['service_ports'] = port_mapping
# for keystone.conf # for keystone.conf
ctxt['listen_ports'] = listen_ports ctxt['listen_ports'] = listen_ports
ctxt['backend_options'] = backend_options
ctxt['https'] = https()
return ctxt return ctxt

2
tox.ini
View File

@ -25,7 +25,7 @@ setenv = VIRTUAL_ENV={envdir}
commands = stestr run --slowest {posargs} commands = stestr run --slowest {posargs}
allowlist_externals = allowlist_externals =
charmcraft charmcraft
rename.sh {toxinidir}/rename.sh
passenv = passenv =
HOME HOME
TERM TERM

15
unit_tests/test_keystone_contexts.py
View File

@ -86,6 +86,7 @@ class TestKeystoneContexts(CharmTestCase):
'ext_ports': [34]}) 'ext_ports': [34]})
self.assertTrue(mock_https.called) self.assertTrue(mock_https.called)
@patch('keystone_context.https')
@patch('charmhelpers.contrib.openstack.context.is_ipv6_disabled') @patch('charmhelpers.contrib.openstack.context.is_ipv6_disabled')
@patch('charmhelpers.contrib.openstack.context.get_relation_ip') @patch('charmhelpers.contrib.openstack.context.get_relation_ip')
@patch('charmhelpers.contrib.openstack.context.mkdir') @patch('charmhelpers.contrib.openstack.context.mkdir')
@ -103,7 +104,8 @@ class TestKeystoneContexts(CharmTestCase):
self, mock_open, mock_kv, mock_log, mock_relation_get, self, mock_open, mock_kv, mock_log, mock_relation_get,
mock_related_units, mock_relation_ids, mock_config, mock_related_units, mock_relation_ids, mock_config,
mock_get_address_in_network, mock_get_netmask_for_address, mock_get_address_in_network, mock_get_netmask_for_address,
mock_api_port, mock_mkdir, mock_get_relation_ip, is_ipv6_disabled): mock_api_port, mock_mkdir, mock_get_relation_ip,
is_ipv6_disabled, mock_https):
os.environ['JUJU_UNIT_NAME'] = 'keystone' os.environ['JUJU_UNIT_NAME'] = 'keystone'
mock_relation_ids.return_value = ['identity-service:0', ] mock_relation_ids.return_value = ['identity-service:0', ]
@ -116,9 +118,15 @@ class TestKeystoneContexts(CharmTestCase):
self.determine_apache_port.return_value = '34' self.determine_apache_port.return_value = '34'
mock_api_port.return_value = '12' mock_api_port.return_value = '12'
mock_kv().get.return_value = 'abcdefghijklmnopqrstuvwxyz123456' mock_kv().get.return_value = 'abcdefghijklmnopqrstuvwxyz123456'
mock_https.return_value = True
is_ipv6_disabled.return_value = False is_ipv6_disabled.return_value = False
ctxt = context.HAProxyContext() ctxt = context.HAProxyContext()
healthcheck = [{
'option': 'httpchk GET /healthcheck',
'http-check': 'expect status 200',
}]
self.maxDiff = None self.maxDiff = None
_ctxt = ctxt() _ctxt = ctxt()
test_ctxt = { test_ctxt = {
@ -135,6 +143,11 @@ class TestKeystoneContexts(CharmTestCase):
'admin-port': ['12', '34'], 'admin-port': ['12', '34'],
'public-port': ['12', '34'] 'public-port': ['12', '34']
}, },
'backend_options': {
'admin-port': healthcheck,
'public-port': healthcheck,
},
'https': True,
'default_backend': '1.2.3.4', 'default_backend': '1.2.3.4',
'frontends': { 'frontends': {
'1.2.3.4': { '1.2.3.4': {