Commit Graph

266 Commits

Author SHA1 Message Date
Takashi Kajinami b7b040c4e2 Stop hard-coding config file for db sync
The gnocchi-upgrade command by default loads /etc/gnocchi/gnocchi.conf.
Removing the override allows us to use additional paths such as
gnocchi.conf.d in the future.

Change-Id: Ibe0c1138eebeb17fb6d06a7e648eab563f47fe1f
2024-03-05 12:25:45 +09:00
Takashi Kajinami 3bf5d9ed3c Refactor resource dependencies
This refactors resource dependencies to improve the following points.

 - Avoid unnecessary dependencies across services. For example aodh
   service does not require cinder db.

 - Restart only api service when config files like paste.ini, which
   are used only be api service is changed.

Change-Id: Ib89091baaf9aba0809c2e9405389545168b755ec
2024-03-01 12:23:19 +09:00
Takashi Kajinami 7ddb186ec5 healthcheck: Expose ignore_proxied_requests parameter
Depends-on: https://review.opendev.org/909807
Change-Id: Ibdc5ac824241d1638fcf6066d2f51601792fcd6b
2024-02-26 01:26:24 +09:00
Takashi Kajinami ac20db89d0 healthcheck: Expose allowed_source_ranges
... which was added to puppet-oslo recently.

Depends-on: https://review.opendev.org/905557
Change-Id: I671ab529cee053f59e611e119af93d7123756e2a
2024-01-17 02:58:27 +09:00
Takashi Kajinami ee6e80eef0 Do not restart services after policy file changes
The oslo.policy library has implementations to detect change in policy
rules and reload the new rules without service restart.

Change-Id: I990a24499bba2ad06aac20e5786c4acca4a2392e
2023-09-11 12:36:58 +09:00
Takashi Kajinami de085305c4 Refactor db class using oslo::db
This replaces the existing logic in the gnocchi::db class by the common
logic in oslo::db, to use the single logic to manage backend packages.

Depends-on: https://review.opendev.org/889374
Change-Id: Icd916df0b3463128df5b2ed3b49c2cdbee871504
2023-07-25 13:49:17 +00:00
Takashi Kajinami 120450bec8 CentOS: Stop installing gnocchi-indexer-sqlalchemy
The package was merged into the common package a long ago[1], and we
no longer need to install it explicitly.

[1] af210a84ac

Change-Id: I845b4d99711055ed6a6feb1df2d1e287ea53a0fc
2023-07-25 16:11:24 +09:00
Zuul 14430a3b32 Merge "Ensure purge_config takes a boolean value" 2023-07-21 17:39:55 +00:00
Takashi Kajinami 4280dfe94e Ensure purge_config takes a boolean value
The purge_config parameters only accept boolean values. This enforces
that using the typed parameters.

Change-Id: I15aa0c8ddfb4063e285206de13cbb9fc8cb8143c
2023-07-18 00:53:04 +09:00
Zuul bbec7ca8b6 Merge "Replace remaining validate_legacy" 2023-07-17 06:21:20 +00:00
Takashi Kajinami 4f5423407a Replace remaining validate_legacy
These were somehow overlooked during the previous attempt.

Change-Id: I742afd3b162cc1a6fe8975d3c83a180f6474c7b9
2023-07-13 22:05:09 +09:00
Takashi Kajinami a11551d2f5 authtoken: Make password required
The password parameter is not really optional. This makes it
a required parameter to give more sensible validation error.

Change-Id: I90371da9cdd1b968a691b3e342e7eec7d0390520
2023-07-12 21:57:12 +09:00
Tobias Urdin fea62d44e9 Add per module policy service refresh
Updating the policies for this project should only
refresh the services that reads it.

Change-Id: I5b7504bc02b2576a8921d1a70bc1bd07b19c1023
2023-06-26 00:04:31 +02:00
Takashi Kajinami 74e7afdb9e replace validate_legacy with proper data types
the validate_legacy function is marked for deprecation in
v9.0.0 from puppetlabs-stdlib.

Change-Id: I14ad3f5a77573b1bf82b490249ca5a8a6b220565
2023-06-19 18:08:52 +09:00
Zuul c0d537c9bf Merge "Remove unnecessary policy conversion" 2023-03-24 05:25:01 +00:00
Zuul e8edb44500 Merge "Make sure redis urls are hidden" 2023-03-21 15:20:39 +00:00
Takashi Kajinami a8fc8c9722 Make sure redis urls are hidden
This makes sure that the parameters which accept redis url are hidden
from logs, because redis url can contain password as a URL element.

example: redis://:password@127.0.0.1:6379

Closes-Bug: #2012246
Change-Id: Ief97f9e28ed7e318b56b27f03214ecc76de6798e
2023-03-20 21:10:16 +09:00
Takashi Kajinami cc2231b8fe Remove unnecessary policy conversion
The gnocchi packages available in recent releases contain the changes
for policy-in-code feature so no longer require the default policies.

Change-Id: I0f3e5a7a3abec869246a248d390d86b40a7da432
2023-03-17 12:34:26 +09:00
Takashi Kajinami 8f74b05f69 Add strict validation about boolean parameters
This ensures the parameters used by if-else logic accept only boolean
values because non-boolean can result in unexpected behavior.

Change-Id: I5d448885136f38b442aeca3feff75e288b00cc0c
2023-03-16 13:32:57 +09:00
Takashi Kajinami 37049a867d Replace legacy facts and use fact hash
... because the latest lint no longer allows usage of legacy facts and
top scope fact.

Change-Id: Ia9ab733a7fc5cbb5b23659ff7cbfd3b2b7d2fb18
2023-03-02 10:57:25 +09:00
Takashi Kajinami ecd6b5a669 Expose policy_default_rule
The option has been managed by the underlying puppet-oslo module but
has not been configurable. This introduces the parameter to customize
the option.

Change-Id: I010ef8ed814af439621cf944eb62426d7adb5d6f
2023-01-23 14:29:25 +09:00
Takashi Kajinami 86fc061b4c Replace deprecated [oslo_middleware] enable_proxy_headers_parsing
Gnocchi replaced usage of http_proxy_to_wsgi middleware from
the oslo.middleware library by its own implementation since Gnocchi
4.4[1]. Because now both Ubuntu and CentOS uses Gnocchi 4.4.z, this
replaces the deprecated [oslo_middleware] parameter by the new [api]
parameter.

[1] bcd9a8cdd7

Change-Id: I52ba953c481bb66dd8a5af35b74c11dac6278e45
2022-09-06 17:17:03 +09:00
Takashi Kajinami 8ba78b6b37 Use standard parameter description format for wsgi::apache
Currently parameter description of the <module>::wsgi::apache classes
are formatted differently in individual modules, and this is making
the maintenance effort quite difficult.

This change updates the description format following the standard one
we are globally using in our modules to reduce undesired differences
between modules.

Change-Id: Id99d044171b1fafefd310fafff2ce2f4de1e9fa8
2022-08-27 22:23:00 +09:00
Takashi Kajinami 990298ddd5 Add Apache WSGI logging parameters for pipe/syslog
Add parameters for advanced logging configurations in Apache to
support piped logging and support for syslog (via mod_syslog
available in Apache >= 2.5.0)

Co-Authored-By: Andy Botting <andy@andybotting.com>
Change-Id: Ifa33b2e84284d8032c4e4f54acb26c30fc285cb5
2022-08-26 17:41:09 +09:00
Takashi Kajinami 8001209a81 Remove gnocchi::metricd::cleanup_delay
... because the parameter was deprecated during Yoga cycle[1] in favor
of the new metric_cleanup_delay parameter.

[1] 04f29cb088

Change-Id: I8efe9f153ca112dafb621edc4ee3b3d090083d91
2022-08-16 18:54:42 +09:00
Zuul 1774c83c7d Merge "Adapt to new type validation in puppetlabs-apache" 2022-08-08 19:35:37 +00:00
Takashi Kajinami 6da581fa02 Adapt to new type validation in puppetlabs-apache
The puppetlabs-apache module is enforcing more strict data type
validation[1].

This change updates the default values to adapt to that change.

[1] f41251e336

Closes-Bug: #1983300
Depends-on: https://review.opendev.org/851652
Change-Id: Ie6310a022e9715336832865741318369bc3fa188
2022-08-02 16:51:56 +09:00
Takashi Kajinami 3be542d7b2 Expose headers option of apache::vhost
The headers option in apache::vhost is required in some case, for
example when adding the X-XSS-Protection header. This change allows
customizing the option for the api vhost.

This change also adds support for request_headers so that both request
headers and response headers can customized.

Change-Id: I9fe841e9dc2a90627d0debdc9b6766a847390aed
2022-06-30 11:03:15 +09:00
Rajesh Tailor b2516674df Fix typos in parameter descriptions and tests
Change-Id: I20e1dda110e479e796604991be240021fd51d861
2022-06-20 15:50:42 +05:30
Zuul 0fc51b7e6f Merge "Add support for [statsd] creator" 2022-05-11 10:19:51 +00:00
Takashi Kajinami ce404cc090 apache+mod_wsgi: Disable SSL by default
During the previous cycle, a warning message was added to inform users
of this change.

Now the default value is updated so that SSL is disabled by default.

Change-Id: I7f32413d452e98306906002461ae0b4304d284ca
2022-05-06 20:43:30 +09:00
Zuul 6eeb18e6eb Merge "api: Remove deprecated middleware option" 2022-04-26 08:54:33 +00:00
Takashi Kajinami bdde282558 Add support for [statsd] creator
Change-Id: I719ff8386c7ea73cbaeae4d7db8cc6ed82b8cf79
2022-04-25 08:51:51 +09:00
Takashi Kajinami 4bd702bc91 statsd: Add support for host and port
This change introduces support for the following two parameters.
 - [statsd] host
 - [statsd] port

Change-Id: Ia4e4a5d5ae40a7d4a358569d9caacb07ff391d6a
2022-04-25 08:48:40 +09:00
Takashi Kajinami a6ca19ef5a api: Remove deprecated middleware option
... because it was deprecated during Yoga cycle[1] and has had no
effect since then.

[1] be05efdc44
Change-Id: I473ccd52df065864027b6b88b49a9eece66ba1ac
2022-04-25 08:24:46 +09:00
Zuul 64e8e45990 Merge "Make sure archive_policy_name is cleared by default" 2022-03-30 07:46:59 +00:00
Takashi Kajinami a7c94d05df Make sure archive_policy_name is cleared by default
The archive_policy_name parameter currently defaults to undef, which
leaves the parameter unmaintained. This change ensures the parameter is
cleared by default, as it is not set in the default configuration files
provided by packages.

Change-Id: I5a7b757307e5eae4f24f9c501a869d0693fc496b
2022-03-27 23:35:29 +09:00
Zuul 98cb98936f Merge "Do not hard-code default of [api] max_limit" 2022-03-26 14:39:38 +00:00
Zuul 0b0952dc83 Merge "s3_access_key_id should be secret" 2022-03-26 02:09:04 +00:00
Takashi Kajinami a84c8fa43f s3_access_key_id should be secret
The [storage] s3_access_key_id parameter is defined with the secret
flag, and its value should not be exposed.

Change-Id: I87fe4a3854e1f8c96041e665af16c677f14807c6
2022-03-23 00:25:05 +09:00
Takashi Kajinami 2ca1619677 Do not hard-code default of [api] max_limit
... because the current default value is same as the service default.

Change-Id: I5208f5be47d20c55afa3c3f2aebd2787939ccd26
2022-03-22 18:46:00 +09:00
Takashi Kajinami 04301ef449 Support [api] operation_timeout
Change-Id: Iccc6b6f0632c7b20b0e2385467ae0cd459928128
2022-03-22 18:44:54 +09:00
Zuul f0f6c33a73 Merge "Avoid hard-coding OS user/group in each manifest" 2022-02-23 10:00:49 +00:00
Takashi Kajinami c904cbc94c Avoid hard-coding OS user/group in each manifest
and replace hard-codes by definition in params.pp .

Change-Id: I2b580431b26d93b2be42a17a59fd2e12498d5b70
2022-02-20 19:36:39 +09:00
Takashi Kajinami 337b4e91ac Add support for [storage] ceph_timeout
Change-Id: Id8e4e924b9f38bf512bd571ab4109ad5fca7e9f8
2022-02-09 23:20:36 +09:00
Takashi Kajinami e5edd14ed1 Simplify definition to ensure keystone resource creation
Use the whole resource type instead of its individual resources, to
rely on interface instead of implementation of the dependent module.

Change-Id: Iaa635579908ded39130305170ac3f8feaef2d9ed
2022-02-07 00:07:17 +09:00
Takashi Kajinami b0656ac23b Do not declare service resource when manage_service is false
Change-Id: I6e8a61b641f86b241b71b55a93abd967960e0b96
2022-01-24 08:19:18 +09:00
Zuul 3748c1e06d Merge "Fix dependency to purge default vhost config" 2022-01-12 17:07:43 +00:00
Takashi Kajinami 5fd6e02e24 Fix dependency to purge default vhost config
It turned out defining dependency for openstacklib::wsgi::apache
doesn't properly enforce resource order and the default vhost file
is not purged properly.
This change adds the more explicit dependency to enforce the order
properly.

Change-Id: Ifb8df042e06a275ca4dd44342d3c32af65f7d209
2022-01-11 19:03:40 +09:00
Zuul feafe4c64a Merge "Make [statsd] flush_delay optional" 2022-01-07 23:51:58 +00:00