Add support for openstack-common::sysctl
There are a number of sysctl settings in the OpenStack documentation that are not managed by the cookbooks. This approach will iterate over any attributes added to the node['openstack']['sysctl'] hash and write them out to /etc/sysctl.d/60-openstack.conf. The README.md had the recipe description within the Libraries section, separated into new Recipes section. Change-Id: Ic32184b78a0bcf4c3e704c7dcd1e9d009b1d95c6
This commit is contained in:
Matt Ray
parent
eb5eed7126
commit
1ab483c0eb
|
|
@ -2,6 +2,10 @@
|
|||
|
||||
This file is used to list changes made in each version of cookbook-openstack-common.
|
||||
|
||||
## 0.4.4:
|
||||
* Add support for openstack-common::sysctl and managing sysctl settings via the
|
||||
node['openstack']['sysctl'] hash, written out to /etc/sysctl.d/60-openstack.conf
|
||||
|
||||
## 0.4.3:
|
||||
* Corrected `#search_for` role and recipe queries.
|
||||
|
||||
|
|
|
|||
49
README.md
49
README.md
|
|
@ -24,23 +24,8 @@ of all the settable attributes for this cookbook.
|
|||
|
||||
Note that all attributes are in the `default["openstack"]` "namespace"
|
||||
|
||||
Libraries
|
||||
=========
|
||||
|
||||
This cookbook exposes a set of default library routines:
|
||||
|
||||
* `endpoint` -- Used to return a `::URI` object representing the named OpenStack endpoint
|
||||
* `endpoints` -- Useful for operating on all OpenStack endpoints
|
||||
* `db` -- Returns a Hash of information about a named OpenStack database
|
||||
* `db_uri` -- Returns the SQLAlchemy RFC-1738 DB URI (see: http://rfc.net/rfc1738.html) for a named OpenStack database
|
||||
* `db_create_with_user` -- Creates a database and database user for a named OpenStack database
|
||||
* `secret` -- Returns the value of an encrypted data bag for a named OpenStack secret key and key-section
|
||||
* `db_password` -- Ease-of-use helper that returns the decrypted database password for a named OpenStack database
|
||||
* `service_password` -- Ease-of-use helper that returns the decrypted service password for named OpenStack service
|
||||
* `user_password` -- Ease-of-use helper that returns the decrypted password for a Keystone user
|
||||
|
||||
Usage
|
||||
-----
|
||||
Recipes
|
||||
=======
|
||||
|
||||
default
|
||||
----
|
||||
|
|
@ -64,6 +49,36 @@ Installs/Configures common logging
|
|||
]
|
||||
```
|
||||
|
||||
sysctl
|
||||
----
|
||||
|
||||
Iterates over the contents of the `node['openstack']['sysctl']` hash and writes
|
||||
the entries to `/etc/sysctl.d/60-openstack.conf`.
|
||||
|
||||
```json
|
||||
"run_list": [
|
||||
"recipe[openstack-common::sysctl]"
|
||||
]
|
||||
```
|
||||
|
||||
Libraries
|
||||
=========
|
||||
|
||||
This cookbook exposes a set of default library routines:
|
||||
|
||||
* `endpoint` -- Used to return a `::URI` object representing the named OpenStack endpoint
|
||||
* `endpoints` -- Useful for operating on all OpenStack endpoints
|
||||
* `db` -- Returns a Hash of information about a named OpenStack database
|
||||
* `db_uri` -- Returns the SQLAlchemy RFC-1738 DB URI (see: http://rfc.net/rfc1738.html) for a named OpenStack database
|
||||
* `db_create_with_user` -- Creates a database and database user for a named OpenStack database
|
||||
* `secret` -- Returns the value of an encrypted data bag for a named OpenStack secret key and key-section
|
||||
* `db_password` -- Ease-of-use helper that returns the decrypted database password for a named OpenStack database
|
||||
* `service_password` -- Ease-of-use helper that returns the decrypted service password for named OpenStack service
|
||||
* `user_password` -- Ease-of-use helper that returns the decrypted password for a Keystone user
|
||||
|
||||
Usage
|
||||
-----
|
||||
|
||||
The following are code examples showing the above library routines in action.
|
||||
Remember when using the library routines exposed by this library to include
|
||||
the Openstack routines in your recipe's `::Chef::Recipe` namespace, like so:
|
||||
|
|
|
|||
|
|
@ -320,3 +320,7 @@ default["openstack"]["mq"]["service_type"] = "rabbitmq"
|
|||
default["openstack"]["mq"]["port"] = "5672"
|
||||
default["openstack"]["mq"]["user"] = "guest"
|
||||
default["openstack"]["mq"]["vhost"] = "/"
|
||||
|
||||
# Default sysctl settings
|
||||
default['openstack']['sysctl']['net.ipv4.conf.all.rp_filter'] = 0
|
||||
default['openstack']['sysctl']['net.ipv4.conf.default.rp_filter'] = 0
|
||||
|
|
|
|||
|
|
@ -4,10 +4,11 @@ maintainer_email "cookbooks@lists.tfoundry.com"
|
|||
license "Apache 2.0"
|
||||
description "Common OpenStack attributes, libraries and recipes."
|
||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||
version "0.4.3"
|
||||
version "0.4.4"
|
||||
|
||||
recipe "openstack-common", "Installs/Configures common recipes"
|
||||
recipe "openstack-common::logging", "Installs/Configures common logging"
|
||||
recipe "openstack-common::sysctl", "Configures sysctl settings"
|
||||
|
||||
%w{ ubuntu suse }.each do |os|
|
||||
supports os
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-common
|
||||
# recipe:: sysctl
|
||||
#
|
||||
# Copyright 2013, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/sysctl.d/60-openstack.conf" do
|
||||
source "60-openstack.conf.erb"
|
||||
owner "root"
|
||||
group "root"
|
||||
mode 00644
|
||||
end
|
||||
|
||||
execute "sysctl -p /etc/sysctl.d/60-openstack.conf" do
|
||||
action :nothing
|
||||
subscribes :run, "template[/etc/sysctl.d/60-openstack.conf]", :immediately
|
||||
end
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
require_relative "spec_helper"
|
||||
|
||||
describe "openstack-common::sysctl" do
|
||||
describe "ubuntu" do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::ChefRunner.new ::UBUNTU_OPTS
|
||||
@chef_run.converge "openstack-common::sysctl"
|
||||
end
|
||||
|
||||
describe "60-openstack.conf" do
|
||||
before do
|
||||
@file = @chef_run.template "/etc/sysctl.d/60-openstack.conf"
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@file).to be_owned_by "root", "root"
|
||||
end
|
||||
|
||||
it "has proper modes" do
|
||||
expect(sprintf("%o", @file.mode)).to eq "644"
|
||||
end
|
||||
|
||||
it "sets the all.rp_filter" do
|
||||
expect(@chef_run).to create_file_with_content @file.name,
|
||||
'net.ipv4.conf.all.rp_filter = 0'
|
||||
end
|
||||
|
||||
it "sets the default.rp_filter" do
|
||||
expect(@chef_run).to create_file_with_content @file.name,
|
||||
'net.ipv4.conf.default.rp_filter = 0'
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
# Managed by Chef
|
||||
|
||||
<% node['openstack']['sysctl'].sort.each do |k,v| -%>
|
||||
<%= k %> = <%= v %>
|
||||
<% end -%>
|
||||
Loading…
Reference in New Issue