openstack
/
puppet-swift
Code Issues Proposed changes

Add purge_config support for service config files 

... so that users can use this feature more easily.

Change-Id: Iceec730f773f5c5d411ea2c50d2926631f48b9c9
This commit is contained in:
Takashi Kajinami 2023-12-04 10:37:02 +09:00
parent f772e96e12
commit 68bc8f1a29
7 changed files with 125 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
manifests/containerreconciler.pp
View File

@ -47,46 +47,50 @@
# Defaults to $facts['os_service_default']
#
# [*service_provider*]
# (optional)
# To use the swiftinit service provider to manage swift services, set
# service_provider to "swiftinit". When enable is true the provider
# (optional) To use the swiftinit service provider to manage swift services,
# set service_provider to "swiftinit". When enable is true the provider
# will populate boot files that start swift using swift-init at boot.
# See README for more details.
# Defaults to $::swift::params::service_provider.
#
# [*memcache_servers*]
# (optional)
# A list of the memcache servers to be used. Entries should be in the
# form host:port. This value is only used if 'cache' is added to the
# (optional) A list of the memcache servers to be used. Entries should be in
# the form host:port. This value is only used if 'cache' is added to the
# pipeline,
# e.g. ['catch_errors', 'proxy-logging', 'cache', 'proxy-server']
# Defaults to ['127.0.0.1:11211']
#
# [*cache_tls_enabled*]
# (Optional) Global toggle for TLS usage when communicating with
# the caching servers.
# Defaults to $facts['os_service_default']
# [*cache_tls_enabled*]
# (optional) Global toggle for TLS usage when communicating with
# the caching servers.
# Defaults to $facts['os_service_default']
# Default to false
#
# [*cache_tls_cafile*]
# (Optional) Path to a file of concatenated CA certificates in PEM
# format necessary to establish the caching server's authenticity.
# If tls_enabled is False, this option is ignored.
# Defaults to $facts['os_service_default']
# [*cache_tls_cafile*]
# (optional) Path to a file of concatenated CA certificates in PEM
# format necessary to establish the caching server's authenticity.
# If tls_enabled is False, this option is ignored.
# Defaults to $facts['os_service_default']
#
# [*cache_tls_certfile*]
# (Optional) Path to a single file in PEM format containing the
# client's certificate as well as any number of CA certificates
# needed to establish the certificate's authenticity. This file
# is only required when client side authentication is necessary.
# If tls_enabled is False, this option is ignored.
# Defaults to $facts['os_service_default']
# [*cache_tls_certfile*]
# (optional) Path to a single file in PEM format containing the
# client's certificate as well as any number of CA certificates
# needed to establish the certificate's authenticity. This file
# is only required when client side authentication is necessary.
# If tls_enabled is False, this option is ignored.
# Defaults to $facts['os_service_default']
#
# [*cache_tls_keyfile*]
# (Optional) Path to a single file containing the client's private
# key in. Otherwise the private key will be taken from the file
# specified in tls_certfile. If tls_enabled is False, this option
# is ignored.
# Defaults to $facts['os_service_default']
# [*cache_tls_keyfile*]
# (optional) Path to a single file containing the client's private
# key in. Otherwise the private key will be taken from the file
# specified in tls_certfile. If tls_enabled is False, this option
# is ignored.
# Defaults to $facts['os_service_default']
#
# [*purge_config*]
# (optional) Whether to set only the specified config options
# in the proxy config.
# Defaults to false.
#
class swift::containerreconciler(
Boolean $manage_service = true,
@ -105,6 +109,7 @@ class swift::containerreconciler(
$cache_tls_cafile = $facts['os_service_default'],
$cache_tls_certfile = $facts['os_service_default'],
$cache_tls_keyfile = $facts['os_service_default'],
Boolean $purge_config = false,
) inherits swift::params {
include swift::deps
@ -114,6 +119,10 @@ class swift::containerreconciler(
fail('proxy-server must be the last element in pipeline')
}
resources { 'swift_container_reconciler_config':
purge => $purge_config,
}
# only add memcache servers if 'cache' is included in the pipeline
if !empty(grep(any2array($pipeline), 'cache')) {

10
manifests/init.pp
View File

@ -27,6 +27,11 @@
# (Optional) The ensure state for the swift package.
# Defaults to present.
#
# [*purge_config*]
# (Optional) Whether to set only the specified config options in the swift
# config.
# Defaults to false.
#
# == Dependencies
#
# None
@ -43,6 +48,7 @@ class swift(
$swift_hash_path_suffix = $facts['os_service_default'],
$swift_hash_path_prefix = $facts['os_service_default'],
$package_ensure = 'present',
Boolean $purge_config = false,
) {
include swift::deps
@ -59,6 +65,10 @@ class swift(
tag => ['openstack', 'swift-package'],
}
resources { 'swift_config':
purge => $purge_config,
}
swift_config {
'swift-hash/swift_hash_path_suffix': value => $swift_hash_path_suffix;
'swift-hash/swift_hash_path_prefix': value => $swift_hash_path_prefix;

10
manifests/internal_client.pp
View File

@ -45,6 +45,11 @@
# (optional) Configures recoverable_node_timeout for internal client.
# Defaults to $facts['os_service_default'].
#
# [*purge_config*]
# (optional) Whether to set only the specified config options in
# the internal client config.
# Defaults to false.
#
class swift::internal_client (
$user = $::swift::params::user,
Swift::Pipeline $pipeline = ['catch_errors', 'proxy-logging', 'cache', 'proxy-server'],
@ -56,6 +61,7 @@ class swift::internal_client (
$client_timeout = $facts['os_service_default'],
$node_timeout = $facts['os_service_default'],
$recoverable_node_timeout = $facts['os_service_default'],
Boolean $purge_config = false,
) inherits swift::params {
include swift::deps
@ -64,6 +70,10 @@ class swift::internal_client (
fail('proxy-server must be the last element in pipeline')
}
resources { 'swift_internal_client_config':
purge => $purge_config,
}
swift_internal_client_config {
'DEFAULT/user': value => $user;
'pipeline:main/pipeline': value => join($pipeline, ' ');

57
manifests/memcache.pp
View File

@ -18,42 +18,49 @@
# === Parameters
#
# [*memcache_servers*]
# You can use this single conf file instead of having memcache_servers set in
# several other conf files under [filter:cache] for example. You can specify
# multiple servers separated with commas, as in: 10.1.2.3:11211,10.1.2.4:11211
# Default to ['127.0.0.1:11211']
# (optional) You can use this single conf file instead of having
# memcache_servers set in several other conf files under [filter:cache] for
# example. You can specify multiple servers separated with commas, as in:
# 10.1.2.3:11211,10.1.2.4:11211
# Default to ['127.0.0.1:11211']
#
# [*memcache_serialization_support*]
# Sets how memcache values are serialized and deserialized:
# 0 = older, insecure pickle serialization
# 1 = json serialization but pickles can still be read (still insecure)
# 2 = json serialization only (secure and the default)
# To avoid an instant full cache flush, existing installations should
# upgrade with 0, then set to 1 and reload, then after some time (24 hours)
# set to 2 and reload.
# In the future, the ability to use pickle serialization will be removed.
# Default to $facts['os_service_default']
# (optional) Sets how memcache values are serialized and deserialized:
# 0 = older, insecure pickle serialization
# 1 = json serialization but pickles can still be read (still insecure)
# 2 = json serialization only (secure and the default)
# To avoid an instant full cache flush, existing installations should
# upgrade with 0, then set to 1 and reload, then after some time (24 hours)
# set to 2 and reload.
# In the future, the ability to use pickle serialization will be removed.
# Default to $facts['os_service_default']
#
# [*memcache_max_connections*]
# Sets the maximum number of connections to each memcached server per worker
# Default to $facts['os_service_default']
# (optional) Sets the maximum number of connections to each memcached server
# per worker
# Default to $facts['os_service_default']
#
# [*connect_timeout*]
# Timeout for connection
# Default to $facts['os_service_default']
# (optional) Timeout for connection
# Default to $facts['os_service_default']
#
# [*pool_timeout*]
# Timeout for pooled connection
# Default to $facts['os_service_default']
# (optional) Timeout for pooled connection
# Default to $facts['os_service_default']
#
# [*tries*]
# number of servers to retry on failures getting a pooled connection
# Default to $facts['os_service_default']
# (optional) number of servers to retry on failures getting a pooled
# connection
# Default to $facts['os_service_default']
#
# [*io_timeout*]
# Timeout for read and writes
# Default to $facts['os_service_default']
# (optional) Timeout for read and writes
# Default to $facts['os_service_default']
#
# [*purge_config*]
# (optional) Whether to set only the specified config options in the memcache
# config.
# Defaults to false.
#
# === Authors
#
@ -67,11 +74,15 @@ class swift::memcache (
$pool_timeout = $facts['os_service_default'],
$tries = $facts['os_service_default'],
$io_timeout = $facts['os_service_default'],
Boolean $purge_config = false,
) {
include swift::deps
include swift::params
resources { 'swift_memcache_config':
purge => $purge_config,
}
file { '/etc/swift/memcache.conf':
ensure => file,

10
manifests/objectexpirer.pp
View File

@ -101,6 +101,11 @@
# (optional) Log level
# Defaults to 'LOG_LOCAL2'.
#
# [*purge_config*]
# (optional) Whether to set only the specified config options
# in the object expirer config.
# Defaults to false.
#
class swift::objectexpirer(
Boolean $manage_service = true,
Boolean $enabled = true,
@ -122,6 +127,7 @@ class swift::objectexpirer(
$cache_tls_keyfile = $facts['os_service_default'],
$log_level = 'INFO',
$log_facility = 'LOG_LOCAL2',
Boolean $purge_config = false,
) inherits swift::params {
include swift::deps
@ -137,6 +143,10 @@ class swift::objectexpirer(
}
}
resources { 'swift_object_expirer_config':
purge => $purge_config,
}
if $pipeline[-1] != 'proxy-server' {
fail('proxy-server must be the last element in pipeline')
}

14
manifests/storage/server.pp
View File

@ -49,11 +49,11 @@
# Defaults to undef.
#
# [*incoming_chmod*] Incoming chmod to set in the rsync server.
# Optional. Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
# (optional) Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
# This mask translates to 0755 for directories and 0644 for files.
#
# [*outgoing_chmod*] Outgoing chmod to set in the rsync server.
# Optional. Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
# (optional) Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
# This mask translates to 0755 for directories and 0644 for files.
#
# [*pipeline*]
@ -219,6 +219,11 @@
# (optional) Time in seconds to wait between sharder cycles.
# Default to $facts['os_service_default'].
#
# [*purge_config*]
# (optional) Whether to set only the specified config options
# in the config file.
# Defaults to false.
#
# DEPRECATED PARAMETERS
#
# [*config_file_path*]
@ -279,6 +284,7 @@ define swift::storage::server(
$container_sharder_auto_shard = $facts['os_service_default'],
$container_sharder_concurrency = $facts['os_service_default'],
$container_sharder_interval = $facts['os_service_default'],
Boolean $purge_config = false,
# DEPRECATED PARAMETERS
$config_file_path = undef,
){
@ -356,6 +362,10 @@ define swift::storage::server(
before => $required_middlewares,
}
resources { "swift_${type}_config":
purge => $purge_config,
}
# common settings
$common_opts = {
'DEFAULT/devices' => {'value' => $devices},

12
releasenotes/notes/purge_config-1732c9ffe8979d26.yaml Normal file
View File

@ -0,0 +1,12 @@
---
features:
- |
The ``purge_config`` parameter has been added to the following classes and
defined resource types
- ``swift``
- ``swift::containerreconciler``
- ``swift::internal_client``
- ``swift::memcache``
- ``swift::objectexpirer``
- ``swift::storage::server``