openstack
/
puppet-oslo
Code Issues Proposed changes

Split oslo::service defined type 

The oslo::service defined type was added a long ago but has never been
used by any other modules so far. The main blocker is that the type
manages not only common service parameters but also wsgi/ssl parameters
which are specific to api services.

This change splits the defined type to smaller modules so that we can
reuse the implementation.

Because the defined type is not used by any other modules at this
moment, and we don't expect direct usage of these resource type(*1),
this change is backword-incompatible.

(*1)
Technically it can be used but cause multiple conflicts.

Change-Id: If524155bf2d0dda964c6b451d7b26f36481514f5
This commit is contained in:
Takashi Kajinami 2022-04-03 23:34:48 +09:00
parent fe6612cb6c
commit 19862b0f18
7 changed files with 241 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
manifests/service.pp
View File

@ -2,16 +2,10 @@
#
# Configure oslo_service options
#
# This resource configures Oslo service resources for an OpenStack service.
# It will manage the [DEFAULT] and [ssl] sections in the given config resource.
# This resource configures common parameters of oslo.service library
#
# === Parameters:
#
# [*api_paste_config*]
# (optional) File name for the paste.deploy config for api service.
# (string value)
# Defaults to $::os_service_default.
#
# [*backdoor_port*]
# (optional) Enable eventlet backdoor. Acceptable values are 0, <port>, and
# <start>:<end>, where 0 results in listening on a random tcp port number.
@ -22,11 +16,6 @@
# socket that can receive connections. (string value)
# Defaults to $::os_service_default.
#
# [*client_socket_timeout*]
# (optional) Timeout for client connections' socket operations. A value of
# '0' means wait forever. (integer value)
# Defaults to $::os_service_default.
#
# [*graceful_shutdown_timeout*]
# (optional) pecify a timeout after which a gracefully shutdown server will
# exit. '0' value means endless wait. (integer value)
@ -37,105 +26,26 @@
# when starting a service (at DEBUG level). (boolean value)
# Defaults to $::os_service_default.
#
# [*max_header_line*]
# (optional) Maximum line size of message headers to be accepted.
# (integer value)
# Defaults to $::os_service_default.
#
# [*run_external_periodic_tasks*]
# (optional) Some periodic tasks can be run in a separate process.
# (boolean value)
# Defaults to $::os_service_default.
#
# [*tcp_keepidle*]
# (optional) # Sets the value of TCP_KEEPIDLE in seconds for each server socket.
# (integer value)
# Defaults to $::os_service_default.
#
# [*wsgi_default_pool_size*]
# (optional) Size of the pool of greenthreads used by wsgi (integer value)
# Defaults to $::os_service_default.
#
# [*wsgi_keep_alive*]
# (optional) If False, closes the client socket connection explicitly.
# (boolean value)
# Defaults to $::os_service_default.
#
# [*wsgi_log_format*]
# (optional) A python format string that is used as the template to generate
# log lines. (string value)
# Defaults to $::os_service_default.
# Example: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: \
# %(body_length)s time: %(wall_seconds).7f'
#
# === ssl parameters
#
# [*ca_file*]
# (optional) CA certificate file to use to verify connecting clients.
# (string value)
# Defaults to $::os_service_default.
#
# [*cert_file*]
# (optional) Certificate file to use when starting the server securely.
# (string value)
# Defaults to $::os_service_default.
#
# [*ciphers*]
# (optional) Sets the list of available ciphers. value should be a string
# in the OpenSSL cipher list format. (string value)
# Defaults to $::os_service_default.
#
# [*key_file*]
# (optional) Private key file to use when starting the server securely.
# (string value)
# Defaults to $::os_service_default.
#
# [*version*]
# (optional) SSL version to use (valid only if SSL enabled). Valid values are
# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on
# some distributions. (string value)
# Defaults to $::os_service_default.
#
define oslo::service (
$api_paste_config = $::os_service_default,
$backdoor_port = $::os_service_default,
$backdoor_socket = $::os_service_default,
$client_socket_timeout = $::os_service_default,
$graceful_shutdown_timeout = $::os_service_default,
$log_options = $::os_service_default,
$max_header_line = $::os_service_default,
$run_external_periodic_tasks = $::os_service_default,
$tcp_keepidle = $::os_service_default,
$wsgi_default_pool_size = $::os_service_default,
$wsgi_keep_alive = $::os_service_default,
$wsgi_log_format = $::os_service_default,
$ca_file = $::os_service_default,
$cert_file = $::os_service_default,
$ciphers = $::os_service_default,
$key_file = $::os_service_default,
$version = $::os_service_default,
) {
$service_options = {
'DEFAULT/api_paste_config' => { value => $api_paste_config },
'DEFAULT/backdoor_port' => { value => $backdoor_port },
'DEFAULT/backdoor_socket' => { value => $backdoor_socket },
'DEFAULT/client_socket_timeout' => { value => $client_socket_timeout },
'DEFAULT/graceful_shutdown_timeout' => { value => $graceful_shutdown_timeout },
'DEFAULT/log_options' => { value => $log_options },
'DEFAULT/max_header_line' => { value => $max_header_line },
'DEFAULT/run_external_periodic_tasks' => { value => $run_external_periodic_tasks },
'DEFAULT/tcp_keepidle' => { value => $tcp_keepidle },
'DEFAULT/wsgi_default_pool_size' => { value => $wsgi_default_pool_size },
'DEFAULT/wsgi_keep_alive' => { value => $wsgi_keep_alive },
'DEFAULT/wsgi_log_format' => { value => $wsgi_log_format },
'ssl/ca_file' => { value => $ca_file },
'ssl/cert_file' => { value => $cert_file },
'ssl/ciphers' => { value => $ciphers },
'ssl/key_file' => { value => $key_file },
'ssl/version' => { value => $version },
}
create_resources($name, $service_options)
}

52
manifests/service/ssl.pp Normal file
View File

@ -0,0 +1,52 @@
# == Define: oslo::service::ssl
#
# Configure oslo_service options
#
# This resource configures ssl parameters of oslo.service library
#
# === Parameters:
#
# [*ca_file*]
# (optional) CA certificate file to use to verify connecting clients.
# (string value)
# Defaults to $::os_service_default.
#
# [*cert_file*]
# (optional) Certificate file to use when starting the server securely.
# (string value)
# Defaults to $::os_service_default.
#
# [*ciphers*]
# (optional) Sets the list of available ciphers. value should be a string
# in the OpenSSL cipher list format. (string value)
# Defaults to $::os_service_default.
#
# [*key_file*]
# (optional) Private key file to use when starting the server securely.
# (string value)
# Defaults to $::os_service_default.
#
# [*version*]
# (optional) SSL version to use (valid only if SSL enabled). Valid values are
# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on
# some distributions. (string value)
# Defaults to $::os_service_default.
#
define oslo::service::ssl (
$ca_file = $::os_service_default,
$cert_file = $::os_service_default,
$ciphers = $::os_service_default,
$key_file = $::os_service_default,
$version = $::os_service_default,
) {
$service_options = {
'ssl/ca_file' => { value => $ca_file },
'ssl/cert_file' => { value => $cert_file },
'ssl/ciphers' => { value => $ciphers },
'ssl/key_file' => { value => $key_file },
'ssl/version' => { value => $version },
}
create_resources($name, $service_options)
}

66
manifests/service/wsgi.pp Normal file
View File

@ -0,0 +1,66 @@
# == Define: oslo::service::wsgi
#
# Configure oslo_service options
#
# This resource configures wsgi service parameters of oslo.service library.
#
# === Parameters:
#
# [*api_paste_config*]
# (optional) File name for the paste.deploy config for api service.
# (string value)
# Defaults to $::os_service_default.
#
# [*client_socket_timeout*]
# (optional) Timeout for client connections' socket operations. A value of
# '0' means wait forever. (integer value)
# Defaults to $::os_service_default.
#
# [*max_header_line*]
# (optional) Maximum line size of message headers to be accepted.
# (integer value)
# Defaults to $::os_service_default.
#
# [*tcp_keepidle*]
# (optional) # Sets the value of TCP_KEEPIDLE in seconds for each server socket.
# (integer value)
# Defaults to $::os_service_default.
#
# [*wsgi_default_pool_size*]
# (optional) Size of the pool of greenthreads used by wsgi (integer value)
# Defaults to $::os_service_default.
#
# [*wsgi_keep_alive*]
# (optional) If False, closes the client socket connection explicitly.
# (boolean value)
# Defaults to $::os_service_default.
#
# [*wsgi_log_format*]
# (optional) A python format string that is used as the template to generate
# log lines. (string value)
# Defaults to $::os_service_default.
# Example: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: \
# %(body_length)s time: %(wall_seconds).7f'
#
define oslo::service::wsgi (
$api_paste_config = $::os_service_default,
$client_socket_timeout = $::os_service_default,
$max_header_line = $::os_service_default,
$tcp_keepidle = $::os_service_default,
$wsgi_default_pool_size = $::os_service_default,
$wsgi_keep_alive = $::os_service_default,
$wsgi_log_format = $::os_service_default,
) {
$service_options = {
'DEFAULT/api_paste_config' => { value => $api_paste_config },
'DEFAULT/client_socket_timeout' => { value => $client_socket_timeout },
'DEFAULT/max_header_line' => { value => $max_header_line },
'DEFAULT/tcp_keepidle' => { value => $tcp_keepidle },
'DEFAULT/wsgi_default_pool_size' => { value => $wsgi_default_pool_size },
'DEFAULT/wsgi_keep_alive' => { value => $wsgi_keep_alive },
'DEFAULT/wsgi_log_format' => { value => $wsgi_log_format },
}
create_resources($name, $service_options)
}

9
releasenotes/notes/service-split-31d614b24cf43a7c.yaml Normal file
View File

@ -0,0 +1,9 @@
---
upgrade:
- |
The ``oslo::service`` defined type has been splitted to the following three
defined types.
- ``oslo::service`` to manage common service parameters
- ``oslo::service::ssl`` to manage ssl parameters
- ``oslo::service::wsgi`` to manage wsgi service parameters

45
spec/defines/oslo_service_spec.rb
View File

@ -4,72 +4,35 @@ describe 'oslo::service' do
let (:title) { 'keystone_config' }
shared_examples 'oslo-service' do
shared_examples 'oslo::service' do
context 'with default parameters' do
it 'configure oslo_service with default params' do
is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('<SERVICE DEFAULT>')
it 'configures service parameters' do
is_expected.to contain_keystone_config('DEFAULT/backdoor_port').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/backdoor_socket').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/graceful_shutdown_timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/log_options').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/run_external_periodic_tasks').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/ca_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/cert_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/ciphers').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/key_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/version').with_value('<SERVICE DEFAULT>')
end
end
context 'with overridden parameters' do
let :params do
{
:api_paste_config => 'api-paste.ini',
:backdoor_port => '1234',
:backdoor_socket => 'backdoor.sock',
:client_socket_timeout => '900',
:graceful_shutdown_timeout => '60',
:log_options => true,
:max_header_line => '16384',
:run_external_periodic_tasks => true,
:tcp_keepidle => '600',
:wsgi_default_pool_size => '1000',
:wsgi_keep_alive => true,
:wsgi_log_format => '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f',
:ca_file => '/path/to/ca/file',
:cert_file => '/path/to/cert/file',
:ciphers => 'HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM',
:key_file => '/path/to/key/file',
:version => 'TLSv1',
}
end
it 'configures default and ssl sections' do
is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('api-paste.ini')
it 'configures service parameters' do
is_expected.to contain_keystone_config('DEFAULT/backdoor_port').with_value('1234')
is_expected.to contain_keystone_config('DEFAULT/backdoor_socket').with_value('backdoor.sock')
is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('900')
is_expected.to contain_keystone_config('DEFAULT/graceful_shutdown_timeout').with_value('60')
is_expected.to contain_keystone_config('DEFAULT/log_options').with_value(true)
is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('16384')
is_expected.to contain_keystone_config('DEFAULT/run_external_periodic_tasks').with_value(true)
is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('600')
is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('1000')
is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value(true)
is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value(
'%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f')
is_expected.to contain_keystone_config('ssl/ca_file').with_value('/path/to/ca/file')
is_expected.to contain_keystone_config('ssl/cert_file').with_value('/path/to/cert/file')
is_expected.to contain_keystone_config('ssl/ciphers').with_value('HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM')
is_expected.to contain_keystone_config('ssl/key_file').with_value('/path/to/key/file')
is_expected.to contain_keystone_config('ssl/version').with_value('TLSv1')
end
end
end
@ -82,7 +45,7 @@ describe 'oslo::service' do
facts.merge!(OSDefaults.get_facts())
end
it_behaves_like 'oslo-service'
it_behaves_like 'oslo::service'
end
end
end

51
spec/defines/oslo_service_ssl_spec.rb Normal file
View File

@ -0,0 +1,51 @@
require 'spec_helper'
describe 'oslo::service::ssl' do
let (:title) { 'keystone_config' }
shared_examples 'oslo::service::ssl' do
context 'with default parameters' do
it 'configures ssl parameters' do
is_expected.to contain_keystone_config('ssl/ca_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/cert_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/ciphers').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/key_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('ssl/version').with_value('<SERVICE DEFAULT>')
end
end
context 'with overridden parameters' do
let :params do
{
:ca_file => '/path/to/ca/file',
:cert_file => '/path/to/cert/file',
:ciphers => 'HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM',
:key_file => '/path/to/key/file',
:version => 'TLSv1',
}
end
it 'configures ssl parameters' do
is_expected.to contain_keystone_config('ssl/ca_file').with_value('/path/to/ca/file')
is_expected.to contain_keystone_config('ssl/cert_file').with_value('/path/to/cert/file')
is_expected.to contain_keystone_config('ssl/ciphers').with_value('HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM')
is_expected.to contain_keystone_config('ssl/key_file').with_value('/path/to/key/file')
is_expected.to contain_keystone_config('ssl/version').with_value('TLSv1')
end
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_behaves_like 'oslo::service::ssl'
end
end
end

58
spec/defines/oslo_service_wsgi_spec.rb Normal file
View File

@ -0,0 +1,58 @@
require 'spec_helper'
describe 'oslo::service::wsgi' do
let (:title) { 'keystone_config' }
shared_examples 'oslo::service::wsgi' do
context 'with default parameters' do
it 'configures wsgi parameters' do
is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value('<SERVICE DEFAULT>')
end
end
context 'with overridden parameters' do
let :params do
{
:api_paste_config => 'api-paste.ini',
:client_socket_timeout => '900',
:max_header_line => '16384',
:tcp_keepidle => '600',
:wsgi_default_pool_size => '1000',
:wsgi_keep_alive => true,
:wsgi_log_format => '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f',
}
end
it 'configures wsgi parameters' do
is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('api-paste.ini')
is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('900')
is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('16384')
is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('600')
is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('1000')
is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value(true)
is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value(
'%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f')
end
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_behaves_like 'oslo::service::wsgi'
end
end
end