openstack/cookbook-openstack-common
Code Issues Proposed changes

Add support for openstack-common::sysctl

Browse Source 
There are a number of sysctl settings in the OpenStack documentation that are
not managed by the cookbooks. This approach will iterate over any attributes
added to the node['openstack']['sysctl'] hash and write them out to
/etc/sysctl.d/60-openstack.conf.

The README.md had the recipe description within the Libraries section, separated
into new Recipes section.

Change-Id: Ic32184b78a0bcf4c3e704c7dcd1e9d009b1d95c6
This commit is contained in:
Matt Ray
2013-10-22 14:57:41 -05:00
parent eb5eed7126
commit 1ab483c0eb
7 changed files with 111 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@@ -2,6 +2,10 @@
This file is used to list changes made in each version of cookbook-openstack-common. This file is used to list changes made in each version of cookbook-openstack-common.
## 0.4.4:
* Add support for openstack-common::sysctl and managing sysctl settings via the
node['openstack']['sysctl'] hash, written out to /etc/sysctl.d/60-openstack.conf
## 0.4.3: ## 0.4.3:
* Corrected `#search_for` role and recipe queries. * Corrected `#search_for` role and recipe queries.

49
README.md
View File

@@ -24,23 +24,8 @@ of all the settable attributes for this cookbook.
Note that all attributes are in the `default["openstack"]` "namespace" Note that all attributes are in the `default["openstack"]` "namespace"
Libraries Recipes
========= =======
This cookbook exposes a set of default library routines:
* `endpoint` -- Used to return a `::URI` object representing the named OpenStack endpoint
* `endpoints` -- Useful for operating on all OpenStack endpoints
* `db` -- Returns a Hash of information about a named OpenStack database
* `db_uri` -- Returns the SQLAlchemy RFC-1738 DB URI (see: http://rfc.net/rfc1738.html) for a named OpenStack database
* `db_create_with_user` -- Creates a database and database user for a named OpenStack database
* `secret` -- Returns the value of an encrypted data bag for a named OpenStack secret key and key-section
* `db_password` -- Ease-of-use helper that returns the decrypted database password for a named OpenStack database
* `service_password` -- Ease-of-use helper that returns the decrypted service password for named OpenStack service
* `user_password` -- Ease-of-use helper that returns the decrypted password for a Keystone user
Usage
-----
default default
---- ----
@@ -64,6 +49,36 @@ Installs/Configures common logging
] ]
``` ```
sysctl
----
Iterates over the contents of the `node['openstack']['sysctl']` hash and writes
the entries to `/etc/sysctl.d/60-openstack.conf`.
```json
"run_list": [
"recipe[openstack-common::sysctl]"
]
```
Libraries
=========
This cookbook exposes a set of default library routines:
* `endpoint` -- Used to return a `::URI` object representing the named OpenStack endpoint
* `endpoints` -- Useful for operating on all OpenStack endpoints
* `db` -- Returns a Hash of information about a named OpenStack database
* `db_uri` -- Returns the SQLAlchemy RFC-1738 DB URI (see: http://rfc.net/rfc1738.html) for a named OpenStack database
* `db_create_with_user` -- Creates a database and database user for a named OpenStack database
* `secret` -- Returns the value of an encrypted data bag for a named OpenStack secret key and key-section
* `db_password` -- Ease-of-use helper that returns the decrypted database password for a named OpenStack database
* `service_password` -- Ease-of-use helper that returns the decrypted service password for named OpenStack service
* `user_password` -- Ease-of-use helper that returns the decrypted password for a Keystone user
Usage
-----
The following are code examples showing the above library routines in action. The following are code examples showing the above library routines in action.
Remember when using the library routines exposed by this library to include Remember when using the library routines exposed by this library to include
the Openstack routines in your recipe's `::Chef::Recipe` namespace, like so: the Openstack routines in your recipe's `::Chef::Recipe` namespace, like so:

4
attributes/default.rb
View File

@@ -320,3 +320,7 @@ default["openstack"]["mq"]["service_type"] = "rabbitmq"
default["openstack"]["mq"]["port"] = "5672" default["openstack"]["mq"]["port"] = "5672"
default["openstack"]["mq"]["user"] = "guest" default["openstack"]["mq"]["user"] = "guest"
default["openstack"]["mq"]["vhost"] = "/" default["openstack"]["mq"]["vhost"] = "/"
# Default sysctl settings
default['openstack']['sysctl']['net.ipv4.conf.all.rp_filter'] = 0
default['openstack']['sysctl']['net.ipv4.conf.default.rp_filter'] = 0

3
metadata.rb
View File

@@ -4,10 +4,11 @@ maintainer_email "cookbooks@lists.tfoundry.com"
license "Apache 2.0" license "Apache 2.0"
description "Common OpenStack attributes, libraries and recipes." description "Common OpenStack attributes, libraries and recipes."
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version "0.4.3" version "0.4.4"
recipe "openstack-common", "Installs/Configures common recipes" recipe "openstack-common", "Installs/Configures common recipes"
recipe "openstack-common::logging", "Installs/Configures common logging" recipe "openstack-common::logging", "Installs/Configures common logging"
recipe "openstack-common::sysctl", "Configures sysctl settings"
%w{ ubuntu suse }.each do |os| %w{ ubuntu suse }.each do |os|
supports os supports os

30
recipes/sysctl.rb Normal file
View File

@@ -0,0 +1,30 @@
#
# Cookbook Name:: openstack-common
# recipe:: sysctl
#
# Copyright 2013, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
template "/etc/sysctl.d/60-openstack.conf" do
source "60-openstack.conf.erb"
owner "root"
group "root"
mode 00644
end
execute "sysctl -p /etc/sysctl.d/60-openstack.conf" do
action :nothing
subscribes :run, "template[/etc/sysctl.d/60-openstack.conf]", :immediately
end

34
spec/sysctl_spec.rb Normal file
View File

@@ -0,0 +1,34 @@
require_relative "spec_helper"
describe "openstack-common::sysctl" do
describe "ubuntu" do
before do
@chef_run = ::ChefSpec::ChefRunner.new ::UBUNTU_OPTS
@chef_run.converge "openstack-common::sysctl"
end
describe "60-openstack.conf" do
before do
@file = @chef_run.template "/etc/sysctl.d/60-openstack.conf"
end
it "has proper owner" do
expect(@file).to be_owned_by "root", "root"
end
it "has proper modes" do
expect(sprintf("%o", @file.mode)).to eq "644"
end
it "sets the all.rp_filter" do
expect(@chef_run).to create_file_with_content @file.name,
'net.ipv4.conf.all.rp_filter = 0'
end
it "sets the default.rp_filter" do
expect(@chef_run).to create_file_with_content @file.name,
'net.ipv4.conf.default.rp_filter = 0'
end
end
end
end

5
templates/default/60-openstack.conf.erb Normal file
View File

@@ -0,0 +1,5 @@
# Managed by Chef
<% node['openstack']['sysctl'].sort.each do |k,v| -%>
<%= k %> = <%= v %>
<% end -%>