Ceilometer-api / Gnocchi-api WSGI refactor
- now using wsgi apps for both apis - bumped gnocchi package version due to python-openssl bugs Change-Id: I63636ca8c08660f44433e701c55e1e0e7db5465f
This commit is contained in:
parent
6477bbaf3c
commit
b33c0ca574
@ -18,7 +18,10 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# Set to some text value if you want templated config files
|
||||
# to contain a custom banner at the top of the written file
|
||||
default['openstack']['telemetry']['custom_template_banner'] =
|
||||
'# This file autogenerated by Chef, changes will be overwritten'
|
||||
# Set the endpoints for the telemetry services to allow all other cookbooks to
|
||||
# access and use them
|
||||
%w(telemetry telemetry-metric).each do |ts|
|
||||
@ -58,6 +61,28 @@ default['openstack']['telemetry']['identity-api']['auth']['version'] =
|
||||
default['openstack']['telemetry-metric']['identity-api']['auth']['version'] =
|
||||
node['openstack']['api']['auth']['version']
|
||||
|
||||
%w(telemetry telemetry-metric).each do |ts|
|
||||
# specify whether to enable SSL for ceilometer API endpoint
|
||||
default['openstack'][ts]['ssl']['enabled'] = false
|
||||
# specify server whether to enforce client certificate requirement
|
||||
default['openstack'][ts]['ssl']['cert_required'] = false
|
||||
# SSL certificate, keyfile and CA certficate file locations
|
||||
default['openstack'][ts]['ssl']['basedir'] = '/etc/ceilometer/ssl'
|
||||
# Protocol for SSL (Apache)
|
||||
default['openstack'][ts]['ssl']['protocol'] = 'All -SSLv2 -SSLv3'
|
||||
# Which ciphers to use with the SSL/TLS protocol (Apache)
|
||||
# Example: 'RSA:HIGH:MEDIUM:!LOW:!kEDH:!aNULL:!ADH:!eNULL:!EXP:!SSLv2:!SEED:!CAMELLIA:!PSK!RC4:!RC4-MD5:!RC4-SHA'
|
||||
default['openstack'][ts]['ssl']['ciphers'] = nil
|
||||
# path of the cert file for SSL.
|
||||
default['openstack'][ts]['ssl']['certfile'] = "#{node['openstack'][ts]['ssl']['basedir']}/certs/sslcert.pem"
|
||||
# path of the keyfile for SSL.
|
||||
default['openstack'][ts]['ssl']['keyfile'] = "#{node['openstack'][ts]['ssl']['basedir']}/private/sslkey.pem"
|
||||
default['openstack'][ts]['ssl']['chainfile'] = nil
|
||||
# path of the CA cert file for SSL.
|
||||
default['openstack'][ts]['ssl']['ca_certs'] = "#{node['openstack'][ts]['ssl']['basedir']}/certs/sslca.pem"
|
||||
# path of the CA cert files for SSL (Apache)
|
||||
default['openstack'][ts]['ssl']['ca_certs_path'] = "#{node['openstack'][ts]['ssl']['basedir']}/certs/"
|
||||
end
|
||||
case platform_family
|
||||
when 'rhel'
|
||||
default['openstack']['telemetry']['platform'] = {
|
||||
@ -82,7 +107,7 @@ when 'rhel'
|
||||
when 'debian'
|
||||
default['openstack']['telemetry']['platform'] = {
|
||||
'common_packages' => ['ceilometer-common'],
|
||||
'gnocchi_packages' => ['gnocchi-api', 'gnocchi-metricd'],
|
||||
'gnocchi_packages' => ['python-gnocchi', 'gnocchi-common', 'gnocchi-api', 'gnocchi-metricd'],
|
||||
'gnocchi-api_service' => 'gnocchi-api',
|
||||
'gnocchi-metricd_service' => 'gnocchi-metricd',
|
||||
'agent_central_packages' => ['ceilometer-agent-central'],
|
||||
@ -91,6 +116,8 @@ when 'debian'
|
||||
'agent_compute_service' => 'ceilometer-agent-compute',
|
||||
'agent_notification_packages' => ['ceilometer-agent-notification'],
|
||||
'agent_notification_service' => 'ceilometer-agent-notification',
|
||||
'ceilometer-api_wsgi_file' => '/usr/lib/python2.7/dist-packages/ceilometer/api/app.wsgi',
|
||||
'gnocchi-api_wsgi_file' => '/usr/share/gnocchi-common/app.wsgi',
|
||||
'api_packages' => ['ceilometer-api'],
|
||||
'api_service' => 'ceilometer-api',
|
||||
'client_packages' => ['python-ceilometerclient', 'python-gnocchiclient'],
|
||||
|
@ -26,3 +26,4 @@ end
|
||||
depends 'openstack-common', '>= 14.0.0'
|
||||
depends 'openstack-identity', '>= 14.0.0'
|
||||
depends 'openstackclient'
|
||||
depends 'apache2', '~> 3.2'
|
||||
|
@ -20,7 +20,14 @@
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe 'openstack-telemetry::common'
|
||||
require 'uri'
|
||||
|
||||
# load the methods defined in cookbook-openstack-common libraries
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
# include_recipe 'openstack-telemetry::common'
|
||||
|
||||
platform = node['openstack']['telemetry']['platform']
|
||||
platform['api_packages'].each do |pkg|
|
||||
@ -29,9 +36,58 @@ platform['api_packages'].each do |pkg|
|
||||
action :upgrade
|
||||
end
|
||||
end
|
||||
bind_service = node['openstack']['bind_service']['all']['telemetry']
|
||||
bind_service_address = bind_address bind_service
|
||||
#### Start of Apache specific work
|
||||
|
||||
service 'ceilometer-api' do
|
||||
service_name platform['api_service']
|
||||
subscribes :restart, "template[#{node['openstack']['telemetry']['conf_file']}]"
|
||||
action [:enable, :start]
|
||||
# configure attributes for apache2 cookbook to align with openstack settings
|
||||
apache_listen = Array(node['apache']['listen']) # include already defined listen attributes
|
||||
# Remove the default apache2 cookbook port, as that is also the default for horizon, but with
|
||||
# a different address syntax. *:80 vs 0.0.0.0:80
|
||||
apache_listen -= ['*:80']
|
||||
apache_listen += ["#{bind_service_address}:#{bind_service.port}"]
|
||||
node.normal['apache']['listen'] = apache_listen.uniq
|
||||
|
||||
# include the apache2 default recipe and the recipes for mod_wsgi
|
||||
include_recipe 'apache2'
|
||||
include_recipe 'apache2::mod_wsgi'
|
||||
# include the apache2 mod_ssl recipe if ssl is enabled for identity
|
||||
include_recipe 'apache2::mod_ssl' if node['openstack']['telemetry']['ssl']['enabled']
|
||||
|
||||
# create the ceilometer-api apache directory
|
||||
ceilometer_apache_dir = "#{node['apache']['docroot_dir']}/ceilometer"
|
||||
directory ceilometer_apache_dir do
|
||||
owner 'root'
|
||||
group 'root'
|
||||
mode 00755
|
||||
end
|
||||
|
||||
ceilometer_server_entry = "#{ceilometer_apache_dir}/app"
|
||||
# Note: Using lazy here as the wsgi file is not available until after
|
||||
# the ceilometer-api package is installed during execution phase.
|
||||
file ceilometer_server_entry do
|
||||
content lazy { IO.read(platform['ceilometer-api_wsgi_file']) }
|
||||
owner 'root'
|
||||
group 'root'
|
||||
mode 00755
|
||||
end
|
||||
|
||||
web_app 'ceilometer-api' do
|
||||
template 'wsgi-template.conf.erb'
|
||||
deamon_process 'ceilometer-api'
|
||||
server_host node['openstack']['telemetry']['conf']['api']['host']
|
||||
server_port node['openstack']['telemetry']['conf']['api']['port']
|
||||
server_entry ceilometer_server_entry
|
||||
log_dir node['apache']['log_dir']
|
||||
log_debug node['openstack']['telemetry']['debug']
|
||||
user node['openstack']['telemetry']['user']
|
||||
group node['openstack']['telemetry']['group']
|
||||
use_ssl node['openstack']['telemetry']['ssl']['enabled']
|
||||
cert_file node['openstack']['telemetry']['ssl']['certfile']
|
||||
chain_file node['openstack']['telemetry']['ssl']['chainfile']
|
||||
key_file node['openstack']['telemetry']['ssl']['keyfile']
|
||||
ca_certs_path node['openstack']['telemetry']['ssl']['ca_certs_path']
|
||||
cert_required node['openstack']['telemetry']['ssl']['cert_required']
|
||||
protocol node['openstack']['telemetry']['ssl']['protocol']
|
||||
ciphers node['openstack']['telemetry']['ssl']['ciphers']
|
||||
end
|
||||
|
@ -15,7 +15,9 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
platform = node['openstack']['telemetry']['platform']
|
||||
db_user = node['openstack']['db']['telemetry-metric']['username']
|
||||
db_pass = get_password 'db', 'gnocchi'
|
||||
@ -95,10 +97,58 @@ execute 'gnocchi-upgrade' do
|
||||
user node['openstack']['telemetry-metric']['user']
|
||||
end
|
||||
|
||||
service 'gnocchi-api' do
|
||||
service_name platform['gnocchi-api_service']
|
||||
subscribes :restart, "template[#{node['openstack']['telemetry-metric']['conf_file']}]"
|
||||
action [:enable, :start]
|
||||
#### Start of Apache specific work
|
||||
|
||||
# configure attributes for apache2 cookbook to align with openstack settings
|
||||
apache_listen = Array(node['apache']['listen']) # include already defined listen attributes
|
||||
# Remove the default apache2 cookbook port, as that is also the default for horizon, but with
|
||||
# a different address syntax. *:80 vs 0.0.0.0:80
|
||||
apache_listen -= ['*:80']
|
||||
apache_listen += ["#{bind_service_address}:#{bind_service.port}"]
|
||||
node.normal['apache']['listen'] = apache_listen.uniq
|
||||
|
||||
# include the apache2 default recipe and the recipes for mod_wsgi
|
||||
include_recipe 'apache2'
|
||||
include_recipe 'apache2::mod_wsgi'
|
||||
# include the apache2 mod_ssl recipe if ssl is enabled for identity
|
||||
include_recipe 'apache2::mod_ssl' if node['openstack']['identity']['ssl']['enabled']
|
||||
|
||||
# create the gnocchi-api apache directory
|
||||
gnocchi_apache_dir = "#{node['apache']['docroot_dir']}/gnocchi"
|
||||
directory gnocchi_apache_dir do
|
||||
owner 'root'
|
||||
group 'root'
|
||||
mode 00755
|
||||
end
|
||||
|
||||
gnocchi_server_entry = "#{gnocchi_apache_dir}/app"
|
||||
# Note: Using lazy here as the wsgi file is not available until after
|
||||
# the gnocchik-api package is installed during execution phase.
|
||||
file gnocchi_server_entry do
|
||||
content lazy { IO.read(platform['gnocchi-api_wsgi_file']) }
|
||||
owner 'root'
|
||||
group 'root'
|
||||
mode 00755
|
||||
end
|
||||
|
||||
web_app 'gnocchi-api' do
|
||||
template 'wsgi-template.conf.erb'
|
||||
deamon_process 'gnocchi-api'
|
||||
server_host node['openstack']['telemetry-metric']['conf']['api']['host']
|
||||
server_port node['openstack']['telemetry-metric']['conf']['api']['port']
|
||||
server_entry gnocchi_server_entry
|
||||
log_dir node['apache']['log_dir']
|
||||
log_debug node['openstack']['telemetry-metric']['debug']
|
||||
user node['openstack']['telemetry-metric']['user']
|
||||
group node['openstack']['telemetry-metric']['group']
|
||||
use_ssl node['openstack']['telemetry-metric']['ssl']['enabled']
|
||||
cert_file node['openstack']['telemetry-metric']['ssl']['certfile']
|
||||
chain_file node['openstack']['telemetry-metric']['ssl']['chainfile']
|
||||
key_file node['openstack']['telemetry-metric']['ssl']['keyfile']
|
||||
ca_certs_path node['openstack']['telemetry-metric']['ssl']['ca_certs_path']
|
||||
cert_required node['openstack']['telemetry-metric']['ssl']['cert_required']
|
||||
protocol node['openstack']['telemetry-metric']['ssl']['protocol']
|
||||
ciphers node['openstack']['telemetry-metric']['ssl']['ciphers']
|
||||
end
|
||||
|
||||
service 'gnocchi-metricd' do
|
||||
|
@ -22,6 +22,6 @@ platform = node['openstack']['telemetry']['platform']
|
||||
platform['gnocchi_packages'].each do |pkg|
|
||||
package pkg do
|
||||
options platform['package_overrides']
|
||||
action :upgrade
|
||||
version '2.0.2-4'
|
||||
end
|
||||
end
|
||||
|
@ -9,14 +9,9 @@ describe 'openstack-telemetry::api' do
|
||||
let(:chef_run) { runner.converge(described_recipe) }
|
||||
|
||||
include_context 'telemetry-stubs'
|
||||
include_examples 'expect-runs-common-recipe'
|
||||
|
||||
it 'installs the api package' do
|
||||
expect(chef_run).to upgrade_package('openstack-ceilometer-api')
|
||||
end
|
||||
|
||||
it 'starts api service' do
|
||||
expect(chef_run).to start_service('openstack-ceilometer-api')
|
||||
expect(chef_run).to upgrade_package 'openstack-ceilometer-api'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
106
spec/api_spec.rb
106
spec/api_spec.rb
@ -9,20 +9,112 @@ describe 'openstack-telemetry::api' do
|
||||
let(:chef_run) { runner.converge(described_recipe) }
|
||||
|
||||
include_context 'telemetry-stubs'
|
||||
include_examples 'expect-runs-common-recipe'
|
||||
|
||||
it 'installs the api package' do
|
||||
expect(chef_run).to upgrade_package 'ceilometer-api'
|
||||
end
|
||||
|
||||
it 'enables and starts the api service' do
|
||||
expect(chef_run).to enable_service('ceilometer-api')
|
||||
expect(chef_run).to start_service('ceilometer-api')
|
||||
describe 'apache recipes' do
|
||||
it 'include apache recipes' do
|
||||
expect(chef_run).to include_recipe('apache2')
|
||||
expect(chef_run).to include_recipe('apache2::mod_wsgi')
|
||||
expect(chef_run).not_to include_recipe('apache2::mod_ssl')
|
||||
end
|
||||
|
||||
describe 'ceilometer-api' do
|
||||
it 'subscribes to its config file' do
|
||||
expect(chef_run.service('ceilometer-api')).to subscribe_to('template[/etc/ceilometer/ceilometer.conf]').delayed
|
||||
it 'include apache recipes' do
|
||||
node.set['openstack']['telemetry']['ssl']['enabled'] = true
|
||||
expect(chef_run).to include_recipe('apache2::mod_ssl')
|
||||
end
|
||||
end
|
||||
|
||||
it 'creates directory /var/www/html/ceilometer' do
|
||||
expect(chef_run).to create_directory('/var/www/html/ceilometer').with(
|
||||
user: 'root',
|
||||
group: 'root',
|
||||
mode: 00755
|
||||
)
|
||||
end
|
||||
|
||||
it 'creates wsgi file' do
|
||||
expect(chef_run).to create_file('/var/www/html/ceilometer/app').with(
|
||||
user: 'root',
|
||||
group: 'root',
|
||||
mode: 00755
|
||||
)
|
||||
end
|
||||
|
||||
describe 'apache wsgi' do
|
||||
file = '/etc/apache2/sites-available/ceilometer-api.conf'
|
||||
it "creates #{file}" do
|
||||
expect(chef_run).to create_template(file).with(
|
||||
user: 'root',
|
||||
group: 'root',
|
||||
mode: '0644'
|
||||
)
|
||||
end
|
||||
|
||||
it "configures #{file} common lines" do
|
||||
node.set['openstack']['telemetry']['custom_template_banner'] = 'custom_template_banner_value'
|
||||
[/user=ceilometer/,
|
||||
/group=ceilometer/,
|
||||
%r{^ ErrorLog /var/log/apache2/ceilometer-api_error.log$},
|
||||
%r{^ CustomLog /var/log/apache2/ceilometer-api_access.log}].each do |line|
|
||||
expect(chef_run).to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
|
||||
it "does not configure #{file} triggered common lines" do
|
||||
[/^ LogLevel/,
|
||||
/^ SSL/].each do |line|
|
||||
expect(chef_run).not_to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
context 'Enable SSL' do
|
||||
before do
|
||||
node.set['openstack']['telemetry']['ssl']['enabled'] = true
|
||||
end
|
||||
it "configures #{file} common ssl lines" do
|
||||
[/^ SSLEngine On$/,
|
||||
%r{^ SSLCertificateFile /etc/ceilometer/ssl/certs/sslcert.pem$},
|
||||
%r{^ SSLCertificateKeyFile /etc/ceilometer/ssl/private/sslkey.pem$},
|
||||
%r{^ SSLCACertificatePath /etc/ceilometer/ssl/certs/$},
|
||||
/^ SSLProtocol All -SSLv2 -SSLv3$/].each do |line|
|
||||
expect(chef_run).to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
it "does not configure #{file} common ssl lines" do
|
||||
[/^ SSLCertificateChainFile/,
|
||||
/^ SSLCipherSuite/,
|
||||
/^ SSLVerifyClient require/].each do |line|
|
||||
expect(chef_run).not_to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
it "configures #{file} chainfile when set" do
|
||||
node.set['openstack']['telemetry']['ssl']['chainfile'] = '/etc/ceilometer/ssl/certs/chainfile.pem'
|
||||
expect(chef_run).to render_file(file)
|
||||
.with_content(%r{^ SSLCertificateChainFile /etc/ceilometer/ssl/certs/chainfile.pem$})
|
||||
end
|
||||
it "configures #{file} ciphers when set" do
|
||||
node.set['openstack']['telemetry']['ssl']['ciphers'] = 'ciphers_value'
|
||||
expect(chef_run).to render_file(file)
|
||||
.with_content(/^ SSLCipherSuite ciphers_value$/)
|
||||
end
|
||||
it "configures #{file} cert_required set" do
|
||||
node.set['openstack']['telemetry']['ssl']['cert_required'] = true
|
||||
expect(chef_run).to render_file(file)
|
||||
.with_content(/^ SSLVerifyClient require$/)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'ceilometer-api WSGI app' do
|
||||
it 'configures required lines' do
|
||||
[/^<VirtualHost 127.0.0.1:8777>$/,
|
||||
/^ WSGIDaemonProcess ceilometer-api/,
|
||||
/^ WSGIProcessGroup ceilometer-api$/,
|
||||
%r{^ WSGIScriptAlias / /var/www/html/ceilometer/app$}].each do |line|
|
||||
expect(chef_run).to render_file('/etc/apache2/sites-available/ceilometer-api.conf').with_content(line)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -115,12 +115,115 @@ describe 'openstack-telemetry::gnocchi_configure' do
|
||||
.with(user: 'gnocchi')
|
||||
end
|
||||
|
||||
%w(gnocchi-api gnocchi-metricd).each do |service|
|
||||
it do
|
||||
expect(chef_run).to enable_service(service)
|
||||
expect(chef_run).to enable_service('gnocchi-metricd')
|
||||
end
|
||||
|
||||
it do
|
||||
expect(chef_run).to start_service(service)
|
||||
expect(chef_run).to start_service('gnocchi-metricd')
|
||||
end
|
||||
|
||||
describe 'apache recipes' do
|
||||
it 'include apache recipes' do
|
||||
expect(chef_run).to include_recipe('apache2')
|
||||
expect(chef_run).to include_recipe('apache2::mod_wsgi')
|
||||
expect(chef_run).not_to include_recipe('apache2::mod_ssl')
|
||||
end
|
||||
|
||||
it 'include apache recipes' do
|
||||
node.set['openstack']['identity']['ssl']['enabled'] = true
|
||||
expect(chef_run).to include_recipe('apache2::mod_ssl')
|
||||
end
|
||||
end
|
||||
|
||||
it 'creates directory /var/www/html/gnocchi' do
|
||||
expect(chef_run).to create_directory('/var/www/html/gnocchi').with(
|
||||
user: 'root',
|
||||
group: 'root',
|
||||
mode: 00755
|
||||
)
|
||||
end
|
||||
|
||||
it 'creates wsgi file' do
|
||||
expect(chef_run).to create_file('/var/www/html/gnocchi/app').with(
|
||||
user: 'root',
|
||||
group: 'root',
|
||||
mode: 00755
|
||||
)
|
||||
end
|
||||
|
||||
describe 'apache wsgi' do
|
||||
file = '/etc/apache2/sites-available/gnocchi-api.conf'
|
||||
it "creates #{file}" do
|
||||
expect(chef_run).to create_template(file).with(
|
||||
user: 'root',
|
||||
group: 'root',
|
||||
mode: '0644'
|
||||
)
|
||||
end
|
||||
|
||||
it "configures #{file} common lines" do
|
||||
node.set['openstack']['telemetry-metric']['custom_template_banner'] = 'custom_template_banner_value'
|
||||
[/user=gnocchi/,
|
||||
/group=gnocchi/,
|
||||
%r{^ ErrorLog /var/log/apache2/gnocchi-api_error.log$},
|
||||
%r{^ CustomLog /var/log/apache2/gnocchi-api_access.log combined$}].each do |line|
|
||||
expect(chef_run).to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
|
||||
it "does not configure #{file} triggered common lines" do
|
||||
[/^ LogLevel/,
|
||||
/^ SSL/].each do |line|
|
||||
expect(chef_run).not_to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
context 'Enable SSL' do
|
||||
before do
|
||||
node.set['openstack']['telemetry-metric']['ssl']['enabled'] = true
|
||||
end
|
||||
it "configures #{file} common ssl lines" do
|
||||
[/^ SSLEngine On$/,
|
||||
%r{^ SSLCertificateFile /etc/ceilometer/ssl/certs/sslcert.pem$},
|
||||
%r{^ SSLCertificateKeyFile /etc/ceilometer/ssl/private/sslkey.pem$},
|
||||
%r{^ SSLCACertificatePath /etc/ceilometer/ssl/certs/$},
|
||||
/^ SSLProtocol All -SSLv2 -SSLv3$/].each do |line|
|
||||
expect(chef_run).to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
it "does not configure #{file} common ssl lines" do
|
||||
[/^ SSLCertificateChainFile/,
|
||||
/^ SSLCipherSuite/,
|
||||
/^ SSLVerifyClient require/].each do |line|
|
||||
expect(chef_run).not_to render_file(file).with_content(line)
|
||||
end
|
||||
end
|
||||
it "configures #{file} chainfile when set" do
|
||||
node.set['openstack']['telemetry-metric']['ssl']['chainfile'] = '/etc/ceilometer/ssl/certs/chainfile.pem'
|
||||
expect(chef_run).to render_file(file)
|
||||
.with_content(%r{^ SSLCertificateChainFile /etc/ceilometer/ssl/certs/chainfile.pem$})
|
||||
end
|
||||
it "configures #{file} ciphers when set" do
|
||||
node.set['openstack']['telemetry-metric']['ssl']['ciphers'] = 'ciphers_value'
|
||||
expect(chef_run).to render_file(file)
|
||||
.with_content(/^ SSLCipherSuite ciphers_value$/)
|
||||
end
|
||||
it "configures #{file} cert_required set" do
|
||||
node.set['openstack']['telemetry-metric']['ssl']['cert_required'] = true
|
||||
expect(chef_run).to render_file(file)
|
||||
.with_content(/^ SSLVerifyClient require$/)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'gnocchi-api WSGI app' do
|
||||
it 'configures required lines' do
|
||||
[/^<VirtualHost 127.0.0.1:8041>$/,
|
||||
/^ WSGIDaemonProcess gnocchi-api/,
|
||||
/^ WSGIProcessGroup gnocchi-api$/,
|
||||
%r{^ WSGIScriptAlias / /var/www/html/gnocchi/app$}].each do |line|
|
||||
expect(chef_run).to render_file('/etc/apache2/sites-available/gnocchi-api.conf').with_content(line)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -11,11 +11,11 @@ describe 'openstack-telemetry::gnocchi_install' do
|
||||
include_context 'telemetry-stubs'
|
||||
|
||||
it do
|
||||
expect(chef_run).to upgrade_package 'gnocchi-api'
|
||||
expect(chef_run).to install_package 'gnocchi-api'
|
||||
end
|
||||
|
||||
it do
|
||||
expect(chef_run).to upgrade_package 'gnocchi-metricd'
|
||||
expect(chef_run).to install_package 'gnocchi-metricd'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -42,6 +42,12 @@ shared_context 'telemetry-stubs' do
|
||||
.with('user', 'admin')
|
||||
.and_return('admin-pass')
|
||||
allow(Chef::Application).to receive(:fatal!)
|
||||
node.set['openstack']['telemetry']['conf']['api']['host'] = '127.0.0.1'
|
||||
node.set['openstack']['telemetry']['conf']['api']['port'] = '8777'
|
||||
node.set['openstack']['telemetry-metric']['conf']['api']['host'] = '127.0.0.1'
|
||||
node.set['openstack']['telemetry-metric']['conf']['api']['port'] = '8041'
|
||||
stub_command('/usr/sbin/apache2 -t')
|
||||
stub_command('/usr/sbin/httpd -t')
|
||||
end
|
||||
end
|
||||
|
||||
|
37
templates/wsgi-template.conf.erb
Normal file
37
templates/wsgi-template.conf.erb
Normal file
@ -0,0 +1,37 @@
|
||||
<%= node["openstack"]["telemetry"]["custom_template_banner"] %>
|
||||
|
||||
Listen <%= @params[:server_host] %>:<%= @params[:server_port] %>
|
||||
|
||||
<VirtualHost <%= @params[:server_host] %>:<%= @params[:server_port] %>>
|
||||
WSGIDaemonProcess <%= @params[:deamon_process] %> processes=2 threads=10 user=<%= @params[:user] %> group=<%= @params[:group] %> display-name=%{GROUP}
|
||||
WSGIProcessGroup <%= @params[:deamon_process] %>
|
||||
WSGIScriptAlias / <%= @params[:server_entry] %>
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
ErrorLog <%= @params[:log_dir] %>/<%= @params[:deamon_process] %>_error.log
|
||||
CustomLog <%= @params[:log_dir] %>/<%= @params[:deamon_process] %>_access.log combined
|
||||
<% if [true, 'true', 'True'].include?(@params[:log_debug]) -%>
|
||||
LogLevel debug
|
||||
<% end -%>
|
||||
|
||||
<% if @params[:use_ssl] -%>
|
||||
SSLEngine On
|
||||
SSLCertificateFile <%= @params[:cert_file] %>
|
||||
SSLCertificateKeyFile <%= @params[:key_file] %>
|
||||
SSLCACertificatePath <%= @params[:ca_certs_path] %>
|
||||
<% if @params[:chain_file] %>
|
||||
SSLCertificateChainFile <%= @params[:chain_file] %>
|
||||
<% end -%>
|
||||
SSLProtocol <%= @params[:protocol] %>
|
||||
<% if @params[:ciphers] -%>
|
||||
SSLCipherSuite <%= @params[:ciphers] %>
|
||||
<% end -%>
|
||||
<% if @params[:cert_required] -%>
|
||||
SSLVerifyClient require
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
</VirtualHost>
|
||||
|
||||
WSGISocketPrefix /var/run/apache2
|
Loading…
Reference in New Issue
Block a user