Allow connections to Aodh API

* Add Aodh API port to list of opened for connections
  from master node.
* Add ability to override this list from hiera.

Closes-bug: #1566371

Change-Id: Ia9c0e141c340e63147f5f3123eaca2a487361cbc
This commit is contained in:
iberezovskiy 2016-04-05 18:36:31 +03:00
parent fa99880763
commit 66323c18e6
4 changed files with 18 additions and 5 deletions

View File

@ -3,15 +3,21 @@
# Class for proxy realization using apache
#
# [*master_ip*]
# (required) String. IP address of master node.
# (required) String. IP address of master node.
#
# [*max_header_size*]
# (optional) String. Set the limit on the allowed size
# (optional) String. Set the limit on the allowed size
# of an HTTP request header field.
#
# [*ports*]
# (optional) List of open ports for connections from master node.
# (list value)
#
class osnailyfacter::apache_api_proxy(
$master_ip,
$max_header_size = '8190',
$ports = ['443', '563', '5000', '6385', '8000', '8003', '8004', '8042', '8080',
'8082', '8386', '8773', '8774', '8776', '8777', '9292', '9696'],
) {
# Allow connection to the apache for ostf tests

View File

@ -2,7 +2,9 @@ class osnailyfacter::api_proxy::api_proxy {
notice('MODULAR: api_proxy/api_proxy.pp')
$max_header_size = hiera('max_header_size', '81900')
$max_header_size = hiera('max_header_size', '81900')
$apache_api_proxy_ports = hiera('apache_api_proxy_ports',
['443', '563', '5000', '6385', '8000', '8003', '8004', '8042', '8080', '8082', '8386', '8773', '8774', '8776', '8777', '9292', '9696'])
# Listen directives with host required for ip_based vhosts
class { '::osnailyfacter::apache':
@ -13,6 +15,7 @@ class osnailyfacter::api_proxy::api_proxy {
class { '::osnailyfacter::apache_api_proxy':
master_ip => hiera('master_ip'),
max_header_size => $max_header_size,
ports => $apache_api_proxy_ports,
}
include ::tweaks::apache_wrappers

View File

@ -1,6 +1,6 @@
ProxyRequests on
ProxyVia On
AllowCONNECT 443 563 5000 6385 8000 8003 8004 8080 8082 8386 8773 8774 8776 8777 9292 9696
AllowCONNECT <%= @ports.join(" ") %>
HostnameLookups off
LimitRequestFieldSize <%= @max_header_size %>
SetEnv force-proxy-request-1.0 1

View File

@ -22,6 +22,10 @@ describe manifest do
Noop.hiera('max_header_size', '81900')
end
let(:ports) do
Noop.hiera('apache_api_proxy_ports', ['443', '563', '5000', '6385', '8000', '8003', '8004', '8042', '8080', '8082', '8386', '8773', '8774', '8776', '8777', '9292', '9696'])
end
it {
should contain_service('httpd').with(
'hasrestart' => true,
@ -60,7 +64,7 @@ describe manifest do
## Custom fragment
ProxyRequests on
ProxyVia On
AllowCONNECT 443 563 5000 6385 8000 8003 8004 8080 8082 8386 8773 8774 8776 8777 9292 9696
AllowCONNECT #{ports.join(' ')}
HostnameLookups off
LimitRequestFieldSize 81900
SetEnv force-proxy-request-1.0 1