openstack
/
puppet-swift
Code Issues Proposed changes

Add parameter max_containers_per_account 

This add parameters max_containers_per_account and
max_containers_whitelist as new parameters.

Change-Id: I15e40760340c7df123a7e3127ab40c6bc7ec7b45
This commit is contained in:
Simeon Gourlin 2018-10-22 17:38:35 +02:00 committed by Tobias Urdin
parent 82503a419f
commit a6e9e39bbe
3 changed files with 84 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
manifests/proxy.pp
View File

@ -65,6 +65,14 @@
# (optional) If True, the proxy will log whenever it has to failover to a handoff node
# Defaults to true.
#
# [*max_containers_per_account*]
# (optional) If set to a positive value, will limit container number per account.
# Default to 0.
#
# [*max_containers_whitelist*]
# (optional) This is a comma separated list of account hashes that ignore the max_containers_per_account cap.
# Default to $::os_service_default.
#
# [*read_affinity*]
# (optional) Configures the read affinity of proxy-server.
# Defaults to undef.
@ -131,30 +139,32 @@
#
class swift::proxy(
$proxy_local_net_ip,
$port = '8080',
$pipeline = ['healthcheck', 'cache', 'tempauth', 'proxy-server'],
$workers = $::os_workers,
$allow_account_management = true,
$account_autocreate = true,
$log_headers = 'False',
$log_udp_host = undef,
$log_udp_port = undef,
$log_address = '/dev/log',
$log_level = 'INFO',
$log_facility = 'LOG_LOCAL2',
$log_handoffs = true,
$log_name = 'proxy-server',
$cors_allow_origin = undef,
$strict_cors_mode = true,
$read_affinity = undef,
$write_affinity = undef,
$write_affinity_node_count = undef,
$node_timeout = undef,
$manage_service = true,
$enabled = true,
$package_ensure = 'present',
$service_provider = $::swift::params::service_provider,
$purge_config = false,
$port = '8080',
$pipeline = ['healthcheck', 'cache', 'tempauth', 'proxy-server'],
$workers = $::os_workers,
$allow_account_management = true,
$account_autocreate = true,
$log_headers = 'False',
$log_udp_host = undef,
$log_udp_port = undef,
$log_address = '/dev/log',
$log_level = 'INFO',
$log_facility = 'LOG_LOCAL2',
$log_handoffs = true,
$log_name = 'proxy-server',
$cors_allow_origin = undef,
$strict_cors_mode = true,
$max_containers_per_account = 0,
$max_containers_whitelist = $::os_service_default,
$read_affinity = undef,
$write_affinity = undef,
$write_affinity_node_count = undef,
$node_timeout = undef,
$manage_service = true,
$enabled = true,
$package_ensure = 'present',
$service_provider = $::swift::params::service_provider,
$purge_config = false,
) inherits ::swift::params {
include ::swift::deps
@ -201,29 +211,31 @@ class swift::proxy(
}
swift_proxy_config {
'DEFAULT/bind_port': value => $port;
'DEFAULT/bind_ip': value => $proxy_local_net_ip;
'DEFAULT/workers': value => $workers;
'DEFAULT/user': value => 'swift';
'DEFAULT/log_name': value => $log_name;
'DEFAULT/log_facility': value => $log_facility;
'DEFAULT/log_level': value => $log_level;
'DEFAULT/log_headers': value => $log_headers;
'DEFAULT/log_address': value => $log_address;
'DEFAULT/log_udp_host': value => $log_udp_host;
'DEFAULT/log_udp_port': value => $log_udp_port;
'pipeline:main/pipeline': value => join($pipeline, ' ');
'app:proxy-server/use': value => 'egg:swift#proxy';
'app:proxy-server/set log_name': value => $log_name;
'app:proxy-server/set log_facility': value => $log_facility;
'app:proxy-server/set log_level': value => $log_level;
'app:proxy-server/set log_address': value => $log_address;
'app:proxy-server/log_handoffs': value => $log_handoffs;
'app:proxy-server/allow_account_management': value => $allow_account_management;
'app:proxy-server/account_autocreate': value => $account_autocreate;
'app:proxy-server/write_affinity': value => $write_affinity;
'app:proxy-server/write_affinity_node_count': value => $write_affinity_node_count;
'app:proxy-server/node_timeout': value => $node_timeout;
'DEFAULT/bind_port': value => $port;
'DEFAULT/bind_ip': value => $proxy_local_net_ip;
'DEFAULT/workers': value => $workers;
'DEFAULT/user': value => 'swift';
'DEFAULT/log_name': value => $log_name;
'DEFAULT/log_facility': value => $log_facility;
'DEFAULT/log_level': value => $log_level;
'DEFAULT/log_headers': value => $log_headers;
'DEFAULT/log_address': value => $log_address;
'DEFAULT/log_udp_host': value => $log_udp_host;
'DEFAULT/log_udp_port': value => $log_udp_port;
'pipeline:main/pipeline': value => join($pipeline, ' ');
'app:proxy-server/use': value => 'egg:swift#proxy';
'app:proxy-server/set log_name': value => $log_name;
'app:proxy-server/set log_facility': value => $log_facility;
'app:proxy-server/set log_level': value => $log_level;
'app:proxy-server/set log_address': value => $log_address;
'app:proxy-server/log_handoffs': value => $log_handoffs;
'app:proxy-server/allow_account_management': value => $allow_account_management;
'app:proxy-server/account_autocreate': value => $account_autocreate;
'app:proxy-server/max_containers_per_account': value => $max_containers_per_account;
'app:proxy-server/max_containers_whitelist': value => $max_containers_whitelist;
'app:proxy-server/write_affinity': value => $write_affinity;
'app:proxy-server/write_affinity_node_count': value => $write_affinity_node_count;
'app:proxy-server/node_timeout': value => $node_timeout;
}
if $cors_allow_origin {

6
releasenotes/notes/swift-max-containers-per-account-f033e8f28c87a802.yaml Normal file
View File

@ -0,0 +1,6 @@
---
features:
- |
Added new parameters max_containers_per_account and
max_containers_whitelist to proxy class that can be used to configure
the maximum authorized container number for an account.

32
spec/classes/swift_proxy_spec.rb
View File

@ -65,6 +65,8 @@ describe 'swift::proxy' do
it { should contain_swift_proxy_config('app:proxy-server/log_handoffs').with_value('true') }
it { should contain_swift_proxy_config('app:proxy-server/allow_account_management').with_value('true') }
it { should contain_swift_proxy_config('app:proxy-server/account_autocreate').with_value('true') }
it { should contain_swift_proxy_config('app:proxy-server/max_containers_per_account').with_value(0) }
it { should contain_swift_proxy_config('app:proxy-server/max_containers_whitelist').with_value('<SERVICE DEFAULT>') }
it { should contain_service('swift-proxy-server').with_require([
'Class[Swift::Proxy::Healthcheck]',
@ -96,19 +98,21 @@ describe 'swift::proxy' do
let :params do
{
:proxy_local_net_ip => '10.0.0.2',
:port => '80',
:workers => 3,
:pipeline => ['swauth', 'proxy-server'],
:allow_account_management => false,
:account_autocreate => false,
:log_level => 'DEBUG',
:log_name => 'swift-proxy-server',
:read_affinity => 'r1z1=100, r1=200',
:write_affinity => 'r1',
:write_affinity_node_count => '2 * replicas',
:node_timeout => '20',
:cors_allow_origin => 'http://foo.bar:1234,https://foo.bar',
:proxy_local_net_ip => '10.0.0.2',
:port => '80',
:workers => 3,
:pipeline => ['swauth', 'proxy-server'],
:allow_account_management => false,
:account_autocreate => false,
:log_level => 'DEBUG',
:log_name => 'swift-proxy-server',
:max_containers_per_account => 10,
:max_containers_whitelist => 'project1,project2',
:read_affinity => 'r1z1=100, r1=200',
:write_affinity => 'r1',
:write_affinity_node_count => '2 * replicas',
:node_timeout => '20',
:cors_allow_origin => 'http://foo.bar:1234,https://foo.bar',
}
end
@ -132,6 +136,8 @@ describe 'swift::proxy' do
it { should contain_swift_proxy_config('app:proxy-server/log_handoffs').with_value('true') }
it { should contain_swift_proxy_config('app:proxy-server/allow_account_management').with_value('false') }
it { should contain_swift_proxy_config('app:proxy-server/account_autocreate').with_value('false') }
it { should contain_swift_proxy_config('app:proxy-server/max_containers_per_account').with_value(10) }
it { should contain_swift_proxy_config('app:proxy-server/max_containers_whitelist').with_value('project1,project2') }
it { should contain_swift_proxy_config('app:proxy-server/sorting_method').with_value('affinity') }
it { should contain_swift_proxy_config('app:proxy-server/read_affinity').with_value('r1z1=100, r1=200') }
it { should contain_swift_proxy_config('app:proxy-server/write_affinity').with_value('r1') }