The parameter descriptions says the value should be a positive integer
(or 0). Validate the given value to reject invalid values such as
strings or even negative values.
Change-Id: Ib9f90c88f564ac5a0d545f955257741290998a5e
The aodh-dbsync command by default loads /etc/aodh/aodh.conf. Removing
the override allows us to use additional paths such as aodh.conf.d in
the future.
Change-Id: Ic3bf121611d7221209c006872ab98b0682aa2273
The keystone::resources::authtoken defined resource type installs
python-memcached, which should be available when services start.
This ensures that all configuration and package installation for
authtoken middleware are completed before config step completes, to
ensure that requirement.
Change-Id: I8f2df1c5881473ca7937bdb26954ce566569788a
This is follow-up of fb448c80b5 and
fixes notifications to restart api service, which is currently broken
for standalone api service.
Change-Id: Ic907f3c59bb8a1174ff0d64a85faa7041d02298e
This refactors resource dependencies to improve the following points.
- Avoid unnecessary dependencies across services. For example aodh
service does not require cinder db.
- Restart only api service when config files like paste.ini, which
are used only be api service is changed.
Change-Id: Ie9922c101e7981801c4c8c8753f0ce54ac8e5fe3
The new openstackclient tag was added so that we can get all resources
about openstack CLI more easily. This adds this tag to aodhclient
because the package provides some sub-commands.
Change-Id: Iaa9e1b818e8cb337e41688dc956a17193656ed3e
The purge_config parameters only accept boolean values. This enforces
that using the typed parameters.
Change-Id: I1c48571be9068aa428bba38d99956a0f534888b9
The oslo.policy library has implementations to detect change in policy
rules and reload the new rules without service restart.
Change-Id: Ie2ef0bd7f9b4ab7f60a976fe7832f49b288eca64
The password parameter is not really optional. This makes it
a required parameter to give more sensible validation error.
Change-Id: I77001fb010d5ec276cba1761e022f0037716bfa5
This makes sure that the supported value is used for the parameters
which determine the ensure property of a cron resource type.
Change-Id: I8b87eef335274e2607b9d7fd1bf514648fc9e580
This ensures the parameters used by if-else logic accept only boolean
values because non-boolean can result in unexpected behavior.
Change-Id: I73444acddba8818dfcee5d2b2bca52c7e4cf3451
The option has been managed by the underlying puppet-oslo module but
has not been configurable. This introduces the parameter to customize
the option.
Change-Id: I8c02a3651cf6a749e1039b0a3a9b92800fb4a79e
This logic was added during the previous cycle by [1].
This old parameter should be removed when a deployment is upgraded to
Zed, thus we no longer need this cleanup beyond Zed.
[1] c58c36d927
Change-Id: Ic791e5b597d4b702241d7938ed8d0c0f37f2e7ff
Currently parameter description of the <module>::wsgi::apache classes
are formatted differently in individual modules, and this is making
the maintenance effort quite difficult.
This change updates the description format following the srandard one
we are globally using in our modules to reduce undesired differences
between modules.
Change-Id: Ie874d47e7c9c37da642c2cc5d9c46e385e7cc176
Add parameters for advanced logging configurations in Apache to
support piped logging and support for syslog (via mod_syslog
available in Apache >= 2.5.0)
Co-Authored-By: Andy Botting <andy@andybotting.com>
Change-Id: I16c7a6407d647a25d6093239b30845a212202a5c
... because it was deprecated during Xena cycle[1] in favor of the new
aodh::coordination class.
[1] 16091c8dd6
Change-Id: I0e11987c7d121b2fb639274ed60181c56ce4f6d1
The puppetlabs-apache module is enforcing more strict data type
validation[1].
This change updates the default values to adapt to that change.
[1] f41251e336
Closes-Bug: #1983300
Depends-on: https://review.opendev.org/851652
Change-Id: I9261c53fdb930fd9ff5e2c06e91eb312d665bb9a
The headers option in apache::vhost is required in some case, for
example when adding the X-XSS-Protection header. This change allows
customizing the option for the api vhost.
This change also adds support for request_headers so that both request
headers and response headers can customized.
Change-Id: I857407802617087f75334c8357055250dcd4cef5
The evaluation_interval parameter in the [DEFAULT] section has been
deprecated and it was migrated to the [evaluator] section.
This change updates the parameter section accordingly.
Depends-on: https://review.opendev.org/837864
Change-Id: If41e9e21771ea236ec18379790fe5427dcb6e8af
The parameter was deprecated during Yoga cycle[1] in favor of the new
heartbeat_interval parameter.
[1] 49eb825204
Change-Id: I03d217663445001fc48f9192774ae6b680d2d7f9
During the previous cycle, a warning message was added to inform users
of this change.
Now the default value is updated so that SSL is disabled by default.
Change-Id: I0f05258885570637aa9d53b2d6a69c1756f375e9
After spending huge effort to understand the exact requirements to
enforce SRBAC, we learned it's very difficult to find the required
scope in each credential. This requires understanding implementation of
client-side as well as server-side, and requirement might be different
according to the deployment architecture or features used.
Instead of implementing support based on the actual implementation,
this introduces support for system scope credentials to all places
where keystone user credential is defined, and make all credential
configurations consistent.
Change-Id: I28ff22b43ea5938056082361c9d0c98f89de1a03
Use the whole resource type instead of its individual resources, to
rely on interface instead of implementation of the dependent module.
Change-Id: Ie36c8a096c33a475b21a1dc02a04de49d35be9c9
Takashi Kajinami