diff --git a/manifests/service.pp b/manifests/service.pp index f245518..af383af 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -2,16 +2,10 @@ # # Configure oslo_service options # -# This resource configures Oslo service resources for an OpenStack service. -# It will manage the [DEFAULT] and [ssl] sections in the given config resource. +# This resource configures common parameters of oslo.service library # # === Parameters: # -# [*api_paste_config*] -# (optional) File name for the paste.deploy config for api service. -# (string value) -# Defaults to $::os_service_default. -# # [*backdoor_port*] # (optional) Enable eventlet backdoor. Acceptable values are 0, , and # :, where 0 results in listening on a random tcp port number. @@ -22,11 +16,6 @@ # socket that can receive connections. (string value) # Defaults to $::os_service_default. # -# [*client_socket_timeout*] -# (optional) Timeout for client connections' socket operations. A value of -# '0' means wait forever. (integer value) -# Defaults to $::os_service_default. -# # [*graceful_shutdown_timeout*] # (optional) pecify a timeout after which a gracefully shutdown server will # exit. '0' value means endless wait. (integer value) @@ -37,105 +26,26 @@ # when starting a service (at DEBUG level). (boolean value) # Defaults to $::os_service_default. # -# [*max_header_line*] -# (optional) Maximum line size of message headers to be accepted. -# (integer value) -# Defaults to $::os_service_default. -# # [*run_external_periodic_tasks*] # (optional) Some periodic tasks can be run in a separate process. # (boolean value) # Defaults to $::os_service_default. # -# [*tcp_keepidle*] -# (optional) # Sets the value of TCP_KEEPIDLE in seconds for each server socket. -# (integer value) -# Defaults to $::os_service_default. -# -# [*wsgi_default_pool_size*] -# (optional) Size of the pool of greenthreads used by wsgi (integer value) -# Defaults to $::os_service_default. -# -# [*wsgi_keep_alive*] -# (optional) If False, closes the client socket connection explicitly. -# (boolean value) -# Defaults to $::os_service_default. -# -# [*wsgi_log_format*] -# (optional) A python format string that is used as the template to generate -# log lines. (string value) -# Defaults to $::os_service_default. -# Example: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: \ -# %(body_length)s time: %(wall_seconds).7f' -# -# === ssl parameters -# -# [*ca_file*] -# (optional) CA certificate file to use to verify connecting clients. -# (string value) -# Defaults to $::os_service_default. -# -# [*cert_file*] -# (optional) Certificate file to use when starting the server securely. -# (string value) -# Defaults to $::os_service_default. -# -# [*ciphers*] -# (optional) Sets the list of available ciphers. value should be a string -# in the OpenSSL cipher list format. (string value) -# Defaults to $::os_service_default. -# -# [*key_file*] -# (optional) Private key file to use when starting the server securely. -# (string value) -# Defaults to $::os_service_default. -# -# [*version*] -# (optional) SSL version to use (valid only if SSL enabled). Valid values are -# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on -# some distributions. (string value) -# Defaults to $::os_service_default. -# define oslo::service ( - $api_paste_config = $::os_service_default, $backdoor_port = $::os_service_default, $backdoor_socket = $::os_service_default, - $client_socket_timeout = $::os_service_default, $graceful_shutdown_timeout = $::os_service_default, $log_options = $::os_service_default, - $max_header_line = $::os_service_default, $run_external_periodic_tasks = $::os_service_default, - $tcp_keepidle = $::os_service_default, - $wsgi_default_pool_size = $::os_service_default, - $wsgi_keep_alive = $::os_service_default, - $wsgi_log_format = $::os_service_default, - $ca_file = $::os_service_default, - $cert_file = $::os_service_default, - $ciphers = $::os_service_default, - $key_file = $::os_service_default, - $version = $::os_service_default, ) { $service_options = { - 'DEFAULT/api_paste_config' => { value => $api_paste_config }, 'DEFAULT/backdoor_port' => { value => $backdoor_port }, 'DEFAULT/backdoor_socket' => { value => $backdoor_socket }, - 'DEFAULT/client_socket_timeout' => { value => $client_socket_timeout }, 'DEFAULT/graceful_shutdown_timeout' => { value => $graceful_shutdown_timeout }, 'DEFAULT/log_options' => { value => $log_options }, - 'DEFAULT/max_header_line' => { value => $max_header_line }, 'DEFAULT/run_external_periodic_tasks' => { value => $run_external_periodic_tasks }, - 'DEFAULT/tcp_keepidle' => { value => $tcp_keepidle }, - 'DEFAULT/wsgi_default_pool_size' => { value => $wsgi_default_pool_size }, - 'DEFAULT/wsgi_keep_alive' => { value => $wsgi_keep_alive }, - 'DEFAULT/wsgi_log_format' => { value => $wsgi_log_format }, - 'ssl/ca_file' => { value => $ca_file }, - 'ssl/cert_file' => { value => $cert_file }, - 'ssl/ciphers' => { value => $ciphers }, - 'ssl/key_file' => { value => $key_file }, - 'ssl/version' => { value => $version }, } create_resources($name, $service_options) - } diff --git a/manifests/service/ssl.pp b/manifests/service/ssl.pp new file mode 100644 index 0000000..8fd50f3 --- /dev/null +++ b/manifests/service/ssl.pp @@ -0,0 +1,52 @@ +# == Define: oslo::service::ssl +# +# Configure oslo_service options +# +# This resource configures ssl parameters of oslo.service library +# +# === Parameters: +# +# [*ca_file*] +# (optional) CA certificate file to use to verify connecting clients. +# (string value) +# Defaults to $::os_service_default. +# +# [*cert_file*] +# (optional) Certificate file to use when starting the server securely. +# (string value) +# Defaults to $::os_service_default. +# +# [*ciphers*] +# (optional) Sets the list of available ciphers. value should be a string +# in the OpenSSL cipher list format. (string value) +# Defaults to $::os_service_default. +# +# [*key_file*] +# (optional) Private key file to use when starting the server securely. +# (string value) +# Defaults to $::os_service_default. +# +# [*version*] +# (optional) SSL version to use (valid only if SSL enabled). Valid values are +# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on +# some distributions. (string value) +# Defaults to $::os_service_default. +# +define oslo::service::ssl ( + $ca_file = $::os_service_default, + $cert_file = $::os_service_default, + $ciphers = $::os_service_default, + $key_file = $::os_service_default, + $version = $::os_service_default, +) { + + $service_options = { + 'ssl/ca_file' => { value => $ca_file }, + 'ssl/cert_file' => { value => $cert_file }, + 'ssl/ciphers' => { value => $ciphers }, + 'ssl/key_file' => { value => $key_file }, + 'ssl/version' => { value => $version }, + } + + create_resources($name, $service_options) +} diff --git a/manifests/service/wsgi.pp b/manifests/service/wsgi.pp new file mode 100644 index 0000000..8b7dfab --- /dev/null +++ b/manifests/service/wsgi.pp @@ -0,0 +1,66 @@ +# == Define: oslo::service::wsgi +# +# Configure oslo_service options +# +# This resource configures wsgi service parameters of oslo.service library. +# +# === Parameters: +# +# [*api_paste_config*] +# (optional) File name for the paste.deploy config for api service. +# (string value) +# Defaults to $::os_service_default. +# +# [*client_socket_timeout*] +# (optional) Timeout for client connections' socket operations. A value of +# '0' means wait forever. (integer value) +# Defaults to $::os_service_default. +# +# [*max_header_line*] +# (optional) Maximum line size of message headers to be accepted. +# (integer value) +# Defaults to $::os_service_default. +# +# [*tcp_keepidle*] +# (optional) # Sets the value of TCP_KEEPIDLE in seconds for each server socket. +# (integer value) +# Defaults to $::os_service_default. +# +# [*wsgi_default_pool_size*] +# (optional) Size of the pool of greenthreads used by wsgi (integer value) +# Defaults to $::os_service_default. +# +# [*wsgi_keep_alive*] +# (optional) If False, closes the client socket connection explicitly. +# (boolean value) +# Defaults to $::os_service_default. +# +# [*wsgi_log_format*] +# (optional) A python format string that is used as the template to generate +# log lines. (string value) +# Defaults to $::os_service_default. +# Example: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: \ +# %(body_length)s time: %(wall_seconds).7f' +# +define oslo::service::wsgi ( + $api_paste_config = $::os_service_default, + $client_socket_timeout = $::os_service_default, + $max_header_line = $::os_service_default, + $tcp_keepidle = $::os_service_default, + $wsgi_default_pool_size = $::os_service_default, + $wsgi_keep_alive = $::os_service_default, + $wsgi_log_format = $::os_service_default, +) { + + $service_options = { + 'DEFAULT/api_paste_config' => { value => $api_paste_config }, + 'DEFAULT/client_socket_timeout' => { value => $client_socket_timeout }, + 'DEFAULT/max_header_line' => { value => $max_header_line }, + 'DEFAULT/tcp_keepidle' => { value => $tcp_keepidle }, + 'DEFAULT/wsgi_default_pool_size' => { value => $wsgi_default_pool_size }, + 'DEFAULT/wsgi_keep_alive' => { value => $wsgi_keep_alive }, + 'DEFAULT/wsgi_log_format' => { value => $wsgi_log_format }, + } + + create_resources($name, $service_options) +} diff --git a/releasenotes/notes/service-split-31d614b24cf43a7c.yaml b/releasenotes/notes/service-split-31d614b24cf43a7c.yaml new file mode 100644 index 0000000..d8e02e8 --- /dev/null +++ b/releasenotes/notes/service-split-31d614b24cf43a7c.yaml @@ -0,0 +1,9 @@ +--- +upgrade: + - | + The ``oslo::service`` defined type has been splitted to the following three + defined types. + + - ``oslo::service`` to manage common service parameters + - ``oslo::service::ssl`` to manage ssl parameters + - ``oslo::service::wsgi`` to manage wsgi service parameters diff --git a/spec/defines/oslo_service_spec.rb b/spec/defines/oslo_service_spec.rb index 9503d9e..e4c23d0 100644 --- a/spec/defines/oslo_service_spec.rb +++ b/spec/defines/oslo_service_spec.rb @@ -4,72 +4,35 @@ describe 'oslo::service' do let (:title) { 'keystone_config' } - shared_examples 'oslo-service' do + shared_examples 'oslo::service' do context 'with default parameters' do - it 'configure oslo_service with default params' do - is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('') + it 'configures service parameters' do is_expected.to contain_keystone_config('DEFAULT/backdoor_port').with_value('') is_expected.to contain_keystone_config('DEFAULT/backdoor_socket').with_value('') - is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('') is_expected.to contain_keystone_config('DEFAULT/graceful_shutdown_timeout').with_value('') is_expected.to contain_keystone_config('DEFAULT/log_options').with_value('') - is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('') is_expected.to contain_keystone_config('DEFAULT/run_external_periodic_tasks').with_value('') - is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('') - is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('') - is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value('') - is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value('') - is_expected.to contain_keystone_config('ssl/ca_file').with_value('') - is_expected.to contain_keystone_config('ssl/cert_file').with_value('') - is_expected.to contain_keystone_config('ssl/ciphers').with_value('') - is_expected.to contain_keystone_config('ssl/key_file').with_value('') - is_expected.to contain_keystone_config('ssl/version').with_value('') end end context 'with overridden parameters' do let :params do { - :api_paste_config => 'api-paste.ini', :backdoor_port => '1234', :backdoor_socket => 'backdoor.sock', - :client_socket_timeout => '900', :graceful_shutdown_timeout => '60', :log_options => true, - :max_header_line => '16384', :run_external_periodic_tasks => true, - :tcp_keepidle => '600', - :wsgi_default_pool_size => '1000', - :wsgi_keep_alive => true, - :wsgi_log_format => '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f', - :ca_file => '/path/to/ca/file', - :cert_file => '/path/to/cert/file', - :ciphers => 'HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM', - :key_file => '/path/to/key/file', - :version => 'TLSv1', } end - it 'configures default and ssl sections' do - is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('api-paste.ini') + it 'configures service parameters' do is_expected.to contain_keystone_config('DEFAULT/backdoor_port').with_value('1234') is_expected.to contain_keystone_config('DEFAULT/backdoor_socket').with_value('backdoor.sock') - is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('900') is_expected.to contain_keystone_config('DEFAULT/graceful_shutdown_timeout').with_value('60') is_expected.to contain_keystone_config('DEFAULT/log_options').with_value(true) - is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('16384') is_expected.to contain_keystone_config('DEFAULT/run_external_periodic_tasks').with_value(true) - is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('600') - is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('1000') - is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value(true) - is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value( - '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f') - is_expected.to contain_keystone_config('ssl/ca_file').with_value('/path/to/ca/file') - is_expected.to contain_keystone_config('ssl/cert_file').with_value('/path/to/cert/file') - is_expected.to contain_keystone_config('ssl/ciphers').with_value('HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM') - is_expected.to contain_keystone_config('ssl/key_file').with_value('/path/to/key/file') - is_expected.to contain_keystone_config('ssl/version').with_value('TLSv1') end end end @@ -82,7 +45,7 @@ describe 'oslo::service' do facts.merge!(OSDefaults.get_facts()) end - it_behaves_like 'oslo-service' + it_behaves_like 'oslo::service' end end end diff --git a/spec/defines/oslo_service_ssl_spec.rb b/spec/defines/oslo_service_ssl_spec.rb new file mode 100644 index 0000000..3fcdc58 --- /dev/null +++ b/spec/defines/oslo_service_ssl_spec.rb @@ -0,0 +1,51 @@ +require 'spec_helper' + +describe 'oslo::service::ssl' do + + let (:title) { 'keystone_config' } + + shared_examples 'oslo::service::ssl' do + + context 'with default parameters' do + it 'configures ssl parameters' do + is_expected.to contain_keystone_config('ssl/ca_file').with_value('') + is_expected.to contain_keystone_config('ssl/cert_file').with_value('') + is_expected.to contain_keystone_config('ssl/ciphers').with_value('') + is_expected.to contain_keystone_config('ssl/key_file').with_value('') + is_expected.to contain_keystone_config('ssl/version').with_value('') + end + end + + context 'with overridden parameters' do + let :params do + { + :ca_file => '/path/to/ca/file', + :cert_file => '/path/to/cert/file', + :ciphers => 'HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM', + :key_file => '/path/to/key/file', + :version => 'TLSv1', + } + end + + it 'configures ssl parameters' do + is_expected.to contain_keystone_config('ssl/ca_file').with_value('/path/to/ca/file') + is_expected.to contain_keystone_config('ssl/cert_file').with_value('/path/to/cert/file') + is_expected.to contain_keystone_config('ssl/ciphers').with_value('HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM') + is_expected.to contain_keystone_config('ssl/key_file').with_value('/path/to/key/file') + is_expected.to contain_keystone_config('ssl/version').with_value('TLSv1') + end + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge!(OSDefaults.get_facts()) + end + + it_behaves_like 'oslo::service::ssl' + end + end +end diff --git a/spec/defines/oslo_service_wsgi_spec.rb b/spec/defines/oslo_service_wsgi_spec.rb new file mode 100644 index 0000000..3bdc898 --- /dev/null +++ b/spec/defines/oslo_service_wsgi_spec.rb @@ -0,0 +1,58 @@ +require 'spec_helper' + +describe 'oslo::service::wsgi' do + + let (:title) { 'keystone_config' } + + shared_examples 'oslo::service::wsgi' do + + context 'with default parameters' do + it 'configures wsgi parameters' do + is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('') + is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('') + is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('') + is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('') + is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('') + is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value('') + is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value('') + end + end + + context 'with overridden parameters' do + let :params do + { + :api_paste_config => 'api-paste.ini', + :client_socket_timeout => '900', + :max_header_line => '16384', + :tcp_keepidle => '600', + :wsgi_default_pool_size => '1000', + :wsgi_keep_alive => true, + :wsgi_log_format => '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f', + } + end + + it 'configures wsgi parameters' do + is_expected.to contain_keystone_config('DEFAULT/api_paste_config').with_value('api-paste.ini') + is_expected.to contain_keystone_config('DEFAULT/client_socket_timeout').with_value('900') + is_expected.to contain_keystone_config('DEFAULT/max_header_line').with_value('16384') + is_expected.to contain_keystone_config('DEFAULT/tcp_keepidle').with_value('600') + is_expected.to contain_keystone_config('DEFAULT/wsgi_default_pool_size').with_value('1000') + is_expected.to contain_keystone_config('DEFAULT/wsgi_keep_alive').with_value(true) + is_expected.to contain_keystone_config('DEFAULT/wsgi_log_format').with_value( + '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f') + end + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge!(OSDefaults.get_facts()) + end + + it_behaves_like 'oslo::service::wsgi' + end + end +end