From 6aa38dc8aeefff0a74f6bdcdbc9f5283112274b1 Mon Sep 17 00:00:00 2001 From: Mykyta Karpin Date: Mon, 12 Oct 2015 14:50:55 +0300 Subject: [PATCH] add more heat.conf settings to heat, engine classes heat.conf settings added: max_template_size max_json_body_size max_resources_per_stack notification_driver instance_connection_https_validate_certificates instance_connection_is_secure Change-Id: I00db48bb7e5fde7ba1048fc1cb24fcdcf4e85c04 --- manifests/engine.pp | 62 ++++++++++++++++++++------------ manifests/init.pp | 20 +++++++++++ spec/classes/heat_engine_spec.rb | 3 ++ spec/classes/heat_init_spec.rb | 24 +++++++++++++ 4 files changed, 87 insertions(+), 22 deletions(-) diff --git a/manifests/engine.pp b/manifests/engine.pp index e29483d7..58a5f782 100644 --- a/manifests/engine.pp +++ b/manifests/engine.pp @@ -77,20 +77,35 @@ # configure the keystone roles. # Defaults to ['heat_stack_owner'] # +# [*instance_connection_is_secure*] +# (Optional) Instance connection to CFN/CW API via https. +# Defaults to $::os_service_default +# +# [*instance_connection_https_validate_certificates*] +# (Optional) Instance connection to CFN/CW API validate certs if SSL is used. +# Defaults to $::os_service_default +# +# [*max_resources_per_stack*] +# (Optional) Maximum resources allowed per top-level stack. +# Defaults to $::os_service_default +# class heat::engine ( $auth_encryption_key, - $package_ensure = 'present', - $manage_service = true, - $enabled = true, - $heat_stack_user_role = 'heat_stack_user', - $heat_metadata_server_url = 'http://127.0.0.1:8000', - $heat_waitcondition_server_url = 'http://127.0.0.1:8000/v1/waitcondition', - $heat_watch_server_url = 'http://127.0.0.1:8003', - $engine_life_check_timeout = '2', - $deferred_auth_method = 'trusts', - $default_software_config_transport = 'POLL_SERVER_CFN', - $default_deployment_signal_transport = 'CFN_SIGNAL', - $trusts_delegated_roles = ['heat_stack_owner'], + $package_ensure = 'present', + $manage_service = true, + $enabled = true, + $heat_stack_user_role = 'heat_stack_user', + $heat_metadata_server_url = 'http://127.0.0.1:8000', + $heat_waitcondition_server_url = 'http://127.0.0.1:8000/v1/waitcondition', + $heat_watch_server_url = 'http://127.0.0.1:8003', + $engine_life_check_timeout = '2', + $deferred_auth_method = 'trusts', + $default_software_config_transport = 'POLL_SERVER_CFN', + $default_deployment_signal_transport = 'CFN_SIGNAL', + $trusts_delegated_roles = ['heat_stack_owner'], + $instance_connection_is_secure = $::os_service_default, + $instance_connection_https_validate_certificates = $::os_service_default, + $max_resources_per_stack = $::os_service_default, ) { include ::heat::deps @@ -131,15 +146,18 @@ class heat::engine ( } heat_config { - 'DEFAULT/auth_encryption_key' : value => $auth_encryption_key; - 'DEFAULT/heat_stack_user_role' : value => $heat_stack_user_role; - 'DEFAULT/heat_metadata_server_url' : value => $heat_metadata_server_url; - 'DEFAULT/heat_waitcondition_server_url' : value => $heat_waitcondition_server_url; - 'DEFAULT/heat_watch_server_url' : value => $heat_watch_server_url; - 'DEFAULT/engine_life_check_timeout' : value => $engine_life_check_timeout; - 'DEFAULT/default_software_config_transport' : value => $default_software_config_transport; - 'DEFAULT/default_deployment_signal_transport' : value => $default_deployment_signal_transport; - 'DEFAULT/trusts_delegated_roles' : value => $trusts_delegated_roles; - 'DEFAULT/deferred_auth_method' : value => $deferred_auth_method; + 'DEFAULT/auth_encryption_key': value => $auth_encryption_key; + 'DEFAULT/heat_stack_user_role': value => $heat_stack_user_role; + 'DEFAULT/heat_metadata_server_url': value => $heat_metadata_server_url; + 'DEFAULT/heat_waitcondition_server_url': value => $heat_waitcondition_server_url; + 'DEFAULT/heat_watch_server_url': value => $heat_watch_server_url; + 'DEFAULT/engine_life_check_timeout': value => $engine_life_check_timeout; + 'DEFAULT/default_software_config_transport': value => $default_software_config_transport; + 'DEFAULT/default_deployment_signal_transport': value => $default_deployment_signal_transport; + 'DEFAULT/trusts_delegated_roles': value => $trusts_delegated_roles; + 'DEFAULT/deferred_auth_method': value => $deferred_auth_method; + 'DEFAULT/max_resources_per_stack': value => $max_resources_per_stack; + 'DEFAULT/instance_connection_https_validate_certificates': value => $instance_connection_https_validate_certificates; + 'DEFAULT/instance_connection_is_secure': value => $instance_connection_is_secure; } } diff --git a/manifests/init.pp b/manifests/init.pp index e24b42e6..d41f1eb0 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -99,6 +99,20 @@ # (Optional) Use durable queues in amqp. # Defaults to false # +# [*max_template_size*] +# (Optional) Maximum raw byte size of any template. +# Defaults to $::os_service_default +# +# [*max_json_body_size*] +# (Optional) Maximum raw byte size of JSON request body. +# Should be larger than max_template_size. +# Defaults to $::os_service_default +# +# [*notification_driver*] +# (Optional) Driver or drivers to handle sending notifications. +# Value can be a string or a list. +# Defaults to $::os_service_default +# # == keystone authentication options # # [*auth_uri*] @@ -293,6 +307,9 @@ class heat( $enable_stack_adopt = $::os_service_default, $enable_stack_abandon = $::os_service_default, $sync_db = undef, + $max_template_size = $::os_service_default, + $max_json_body_size = $::os_service_default, + $notification_driver = $::os_service_default, # Deprecated parameters $mysql_module = undef, $sql_connection = undef, @@ -462,6 +479,9 @@ class heat( heat_config { 'DEFAULT/rpc_backend': value => $rpc_backend; 'DEFAULT/rpc_response_timeout': value => $rpc_response_timeout; + 'DEFAULT/max_template_size': value => $max_template_size; + 'DEFAULT/max_json_body_size': value => $max_json_body_size; + 'DEFAULT/notification_driver': value => $notification_driver; 'DEFAULT/region_name_for_services': value => $region_name; 'DEFAULT/enable_stack_abandon': value => $enable_stack_abandon; 'DEFAULT/enable_stack_adopt': value => $enable_stack_adopt; diff --git a/spec/classes/heat_engine_spec.rb b/spec/classes/heat_engine_spec.rb index 2a9782b9..d06cccc0 100644 --- a/spec/classes/heat_engine_spec.rb +++ b/spec/classes/heat_engine_spec.rb @@ -69,6 +69,9 @@ describe 'heat::engine' do it { is_expected.to contain_heat_config('DEFAULT/deferred_auth_method').with_value( expected_params[:deferred_auth_method] ) } it { is_expected.to contain_heat_config('DEFAULT/default_software_config_transport').with_value( expected_params[:default_software_config_transport] ) } it { is_expected.to contain_heat_config('DEFAULT/default_deployment_signal_transport').with_value( expected_params[:default_deployment_signal_transport] ) } + it { is_expected.to contain_heat_config('DEFAULT/instance_connection_is_secure').with_value('') } + it { is_expected.to contain_heat_config('DEFAULT/instance_connection_https_validate_certificates').with_value('') } + it { is_expected.to contain_heat_config('DEFAULT/max_resources_per_stack').with_value('') } end context 'with disabled service managing' do diff --git a/spec/classes/heat_init_spec.rb b/spec/classes/heat_init_spec.rb index 9d39c731..70389a92 100644 --- a/spec/classes/heat_init_spec.rb +++ b/spec/classes/heat_init_spec.rb @@ -78,6 +78,7 @@ describe 'heat' do it_configures "with custom keystone identity_uri" it_configures "with custom keystone identity_uri and auth_uri" it_configures 'with enable_stack_adopt and enable_stack_abandon set' + it_configures 'with notification_driver set to a string' end shared_examples_for 'a heat base installation' do @@ -97,6 +98,14 @@ describe 'heat' do is_expected.to contain_class('heat::db::sync') end + it 'configures max_template_size' do + is_expected.to contain_heat_config('DEFAULT/max_template_size').with_value('') + end + + it 'configures max_json_body_size' do + is_expected.to contain_heat_config('DEFAULT/max_json_body_size').with_value('') + end + it 'configures auth_uri' do is_expected.to contain_heat_config('keystone_authtoken/auth_uri').with_value( params[:auth_uri] ) end @@ -111,6 +120,9 @@ describe 'heat' do is_expected.to contain_heat_config('keystone_authtoken/admin_password').with_secret(true) end + it 'configures notification_driver' do + is_expected.to contain_heat_config('DEFAULT/notification_driver').with_value('') + end end @@ -439,6 +451,18 @@ describe 'heat' do end end + shared_examples_for 'with notification_driver set to a string' do + before do + params.merge!( + :notification_driver => 'bar.foo.rpc_notifier', + ) + end + + it 'has notification_driver set when specified' do + is_expected.to contain_heat_config('DEFAULT/notification_driver').with_value('bar.foo.rpc_notifier') + end + end + context 'on Debian platforms' do let :facts do @default_facts.merge({