openstack/puppet-ceph
Code Issues Proposed changes

Add possibility to use mod_proxy for radosgw

Browse Source 
Add possibility to configure apache to work not only with
mod_fastcgi, but with mod_proxy_fcgi

Change-Id: I0df8a87ec91f6203d1daf573f956e7d073b68834
Closes-Bug: 1532209
This commit is contained in:
Oleksiy Molchanov
2016-01-11 22:30:22 +02:00
parent 1794166bb0
commit 08806947a8
9 changed files with 991 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
manifests/rgw.pp
View File

@@ -58,35 +58,58 @@
# [*rgw_port*] Port the rados gateway listens.
# Optional. Default is undef.
#
# [*frontend_type*] What type of frontend to use
# Optional. Default is apache-fastcgi. Other option is apache-proxy-fcgi.
#
# [*rgw_frontends*] String for rgw_frontends config.
# Optional. Default is 'fastcgi socket_port=9000 socket_host=127.0.0.1'.
#
# [*syslog*] Whether or not to log to syslog.
# Optional. Default is true.
#
define ceph::rgw (
$pkg_radosgw = $::ceph::params::pkg_radosgw,
$rgw_ensure = 'running',
$rgw_enable = true,
$rgw_data = "/var/lib/ceph/radosgw/ceph-${name}",
$user = $::ceph::params::user_radosgw,
$keyring_path = "/etc/ceph/ceph.client.${name}.keyring",
$log_file = '/var/log/ceph/radosgw.log',
$rgw_dns_name = $::fqdn,
$rgw_socket_path = $::ceph::params::rgw_socket_path,
$rgw_print_continue = false,
$rgw_port = undef,
$syslog = true,
$pkg_radosgw = $::ceph::params::pkg_radosgw,
$rgw_ensure = 'running',
$rgw_enable = true,
$rgw_data = "/var/lib/ceph/radosgw/ceph-${name}",
$user = $::ceph::params::user_radosgw,
$keyring_path = "/etc/ceph/ceph.client.${name}.keyring",
$log_file = '/var/log/ceph/radosgw.log',
$rgw_dns_name = $::fqdn,
$rgw_socket_path = $::ceph::params::rgw_socket_path,
$rgw_print_continue = false,
$rgw_port = undef,
$frontend_type = 'apache-fastcgi',
$rgw_frontends = 'fastcgi socket_port=9000 socket_host=127.0.0.1',
$syslog = true,
) {
if $frontend_type {
validate_re(downcase($frontend_type), '^(apache-fastcgi|apache-proxy-fcgi)$',
"${frontend_type} is not supported for frontend_type.
Allowed values are 'apache-fastcgi' and 'apache-proxy-fcgi'.")
}
ceph_config {
"client.${name}/host": value => $::hostname;
"client.${name}/keyring": value => $keyring_path;
"client.${name}/log_file": value => $log_file;
"client.${name}/rgw_dns_name": value => $rgw_dns_name;
"client.${name}/rgw_port": value => $rgw_port;
"client.${name}/rgw_print_continue": value => $rgw_print_continue;
"client.${name}/rgw_socket_path": value => $rgw_socket_path;
"client.${name}/user": value => $user;
}
if $frontend_type == 'apache-fastcgi' {
ceph_config {
"client.${name}/rgw_port": value => $rgw_port;
}
} elsif $frontend_type == 'apache-proxy-fcgi' {
ceph_config {
"client.${name}/rgw_frontends": value => $rgw_frontends;
}
}
package { $pkg_radosgw:
ensure => installed,
tag => 'ceph',

65
manifests/rgw/apache.pp
View File

@@ -45,7 +45,7 @@
# [*syslog*] Whether or not to log to syslog.
# Optional. Default is true.
#
# [*ceph_apache_repo*] Wether to require the CEPH apache repo (ceph::repo::fastcgi).
# [*ceph_apache_repo*] Whether to require the CEPH apache repo (ceph::repo::fastcgi).
# Optional. Default is true. Check:
# http://ceph.com/docs/master/install/install-ceph-gateway/
# for more info on repository recommendations.
@@ -61,57 +61,16 @@ define ceph::rgw::apache (
$ceph_apache_repo = true,
) {
class { '::apache':
default_mods => false,
default_vhost => false,
warning ('Class rgw::apache is deprecated in favor of rgw::apache_fastcgi')
ceph::rgw::apache_fastcgi { $name:
admin_email => $admin_email,
docroot => $docroot,
fcgi_file => $fcgi_file,
rgw_dns_name => $rgw_dns_name,
rgw_port => $rgw_port,
rgw_socket_path => $rgw_socket_path,
syslog => $syslog,
ceph_apache_repo => $ceph_apache_repo,
}
include ::apache::mod::alias
include ::apache::mod::auth_basic
include ::apache::mod::mime
include ::apache::mod::rewrite
apache::vhost { "${rgw_dns_name}-radosgw":
servername => $rgw_dns_name,
serveradmin => $admin_email,
port => $rgw_port,
docroot => $docroot,
rewrite_rule => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1&params=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
access_log => $syslog,
error_log => $syslog,
fastcgi_server => $fcgi_file,
fastcgi_socket => $rgw_socket_path,
fastcgi_dir => $docroot,
}
# radosgw fast-cgi script
file { $fcgi_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0750',
content => "#!/bin/sh
exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n ${name}",
}
File[$fcgi_file]
~> Service['httpd']
# dependency on ceph apache repo if set
$pkg_fastcgi = $::apache::params::mod_packages['fastcgi']
if $ceph_apache_repo {
case $::osfamily {
'Debian': {
Apt::Source['ceph-fastcgi']
-> Package[$pkg_fastcgi]
}
'RedHat': {
Yumrepo['ext-ceph-fastcgi']
-> Package[$pkg_fastcgi]
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only supports osfamily Debian and RedHat")
}
}
}
}

117
manifests/rgw/apache_fastcgi.pp Normal file
View File

@@ -0,0 +1,117 @@
#
# Copyright (C) 2014 Catalyst IT Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Author: Ricardo Rocha <ricardo@catalyst.net.nz>
#
# Configures a ceph radosgw apache frontend with mod_fastcgi.
#
## == Define: ceph::rgw::apache_fastcgi
#
# The RGW id. An alphanumeric string uniquely identifying the RGW.
# ( example: radosgw.gateway )
#
### == Parameters
#
# [*admin_email*] Admin email for the radosgw reports.
# Optional. Default is 'root@localhost'.
#
# [*docroot*] Location of the apache docroot.
# Optional. Default is '/var/www'.
#
# [*fcgi_file*] Path to the fcgi file.
# Optional. Default is '/var/www/s3gw.cgi'.
#
# [*rgw_port*] Port the rados gateway listens.
# Optional. Default is 80.
#
# [*rgw_dns_name*] Hostname to use for the service.
# Optional. Default is $fqdn.
#
# [*rgw_socket_path*] Path to socket file.
# Optional. Default is '/tmp/radosgw.sock'.
#
# [*syslog*] Whether or not to log to syslog.
# Optional. Default is true.
#
# [*ceph_apache_repo*] Whether to require the CEPH apache repo (ceph::repo::fastcgi).
# Optional. Default is true. Check:
# http://ceph.com/docs/master/install/install-ceph-gateway/
# for more info on repository recommendations.
#
define ceph::rgw::apache_fastcgi (
$admin_email = 'root@localhost',
$docroot = '/var/www',
$fcgi_file = '/var/www/s3gw.fcgi',
$rgw_dns_name = $::fqdn,
$rgw_port = 80,
$rgw_socket_path = $::ceph::params::rgw_socket_path,
$syslog = true,
$ceph_apache_repo = true,
) {
class { '::apache':
default_mods => false,
default_vhost => false,
}
include ::apache::mod::alias
include ::apache::mod::auth_basic
include ::apache::mod::mime
include ::apache::mod::rewrite
apache::vhost { "${rgw_dns_name}-radosgw":
servername => $rgw_dns_name,
serveradmin => $admin_email,
port => $rgw_port,
docroot => $docroot,
rewrite_rule => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1&params=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
access_log => $syslog,
error_log => $syslog,
fastcgi_server => $fcgi_file,
fastcgi_socket => $rgw_socket_path,
fastcgi_dir => $docroot,
}
# radosgw fast-cgi script
file { $fcgi_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0750',
content => "#!/bin/sh
exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n ${name}",
}
File[$fcgi_file]
~> Service['httpd']
# dependency on ceph apache repo if set
$pkg_fastcgi = $::apache::params::mod_packages['fastcgi']
if $ceph_apache_repo {
case $::osfamily {
'Debian': {
Apt::Source['ceph-fastcgi']
-> Package[$pkg_fastcgi]
}
'RedHat': {
Yumrepo['ext-ceph-fastcgi']
-> Package[$pkg_fastcgi]
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only supports osfamily Debian and RedHat")
}
}
}
}

85
manifests/rgw/apache_proxy_fcgi.pp Normal file
View File

@@ -0,0 +1,85 @@
#
# Copyright (C) 2016 Mirantis Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Author: Oleksiy Molchanov <omolchanov@mirantis.com>
#
# Configures a ceph radosgw apache frontend with mod_proxy.
#
## == Define: ceph::rgw::apache_proxy_fcgi
#
# The RGW id. An alphanumeric string uniquely identifying the RGW.
# ( example: radosgw.gateway )
#
### == Parameters
#
# [*admin_email*] Admin email for the radosgw reports.
# Optional. Default is 'root@localhost'.
#
# [*docroot*] Location of the apache docroot.
# Optional. Default is '/var/www'.
#
# [*rgw_port*] Port the rados gateway listens.
# Optional. Default is 80.
#
# [*rgw_dns_name*] Hostname to use for the service.
# Optional. Default is $fqdn.
#
# [*rewrite_rule*] RewriteRule for the apache config.
# Optional. Default is '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]'.
#
# [*setenv*] String or aray for the apache setenv directive.
# Optional. Default is 'proxy-nokeepalive 1'.
#
# [*proxy_pass*] Hash that contains local virtual path and remote url.
# Optional. Default is {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'}.
#
# [*syslog*] Whether or not to log to syslog.
# Optional. Default is true.
#
define ceph::rgw::apache_proxy_fcgi (
$admin_email = 'root@localhost',
$docroot = '/var/www',
$rgw_dns_name = $::fqdn,
$rgw_port = 80,
$rewrite_rule = '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
$setenv = 'proxy-nokeepalive 1',
$proxy_pass = {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'},
$syslog = true,
) {
class { '::apache':
default_mods => false,
default_vhost => false,
}
include ::apache::mod::alias
include ::apache::mod::auth_basic
include ::apache::mod::mime
include ::apache::mod::rewrite
include ::apache::mod::proxy
::apache::mod { 'proxy_fcgi': }
::apache::mod { 'env': }
apache::vhost { "${rgw_dns_name}-radosgw":
servername => $rgw_dns_name,
serveradmin => $admin_email,
docroot => $docroot,
access_log => $syslog,
error_log => $syslog,
port => $rgw_port,
rewrite_rule => $rewrite_rule,
setenv => $setenv,
proxy_pass => $proxy_pass,
}
}

339
spec/acceptance/ceph_rgw_spec.rb
View File

@@ -37,7 +37,7 @@ describe 'ceph rgw' do
describe 'ceph::rgw::keystone' do
it 'should install one monitor/osd with cephx keys' do
it 'should install one monitor/osd with cephx keys for rgw-fcgi' do
pp = <<-EOS
class { 'ceph::repo':
release => '#{release}',
@@ -106,7 +106,7 @@ describe 'ceph rgw' do
end
end
it 'should install a radosgw' do
it 'should install a radosgw with fcgi' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
@@ -139,7 +139,8 @@ describe 'ceph rgw' do
ceph::rgw { 'radosgw.gateway':
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
ceph::rgw::apache { 'radosgw.gateway':
ceph::rgw::apache_fastcgi { 'radosgw.gateway':
rgw_port => '8080',
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
@@ -176,7 +177,7 @@ describe 'ceph rgw' do
end
end
it 'should configure keystone and rgw keystone integration' do
it 'should configure keystone and rgw-fcgi keystone integration' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
@@ -370,6 +371,336 @@ describe 'ceph rgw' do
apply_manifest(purge, :catch_failures => true)
end
end
it 'should install one monitor/osd with cephx keys for rgw-proxy' do
pp = <<-EOS
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
->
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
ceph_config {
'global/mon_data_avail_warn': value => 10; # workaround for health warn in mon
'global/osd_journal_size': value => 100;
}
ceph::mon { 'a':
public_addr => $::ipaddress,
key => '#{mon_key}',
}
ceph::key { 'client.admin':
secret => '#{admin_key}',
cap_mon => 'allow *',
cap_osd => 'allow *',
cap_mds => 'allow *',
inject => true,
inject_as_id => 'mon.',
inject_keyring => '/var/lib/ceph/mon/ceph-a/keyring',
}
->
ceph::key { 'client.radosgw.gateway':
user => $apache_user,
secret => '#{radosgw_key}',
cap_mon => 'allow rwx',
cap_osd => 'allow rwx',
inject => true,
}
->
exec { 'bootstrap-key':
command => '/usr/sbin/ceph-create-keys --id a',
}
->
ceph::osd { '/srv/data': }
EOS
osfamily = fact 'osfamily'
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell 'sleep 10' # we need to wait a bit until the OSD is up
shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/1 mons at/)
expect(r.stderr).to be_empty
end
shell 'ceph osd tree', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/osd.0/)
expect(r.stderr).to be_empty
end
end
end
it 'should install a radosgw with mod_proxy' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
$apache_user = $::osfamily ? {
'RedHat' => 'apache',
default => 'www-data',
}
host { $::fqdn: # workaround for bad 'hostname -f' in vagrant box
ip => $ipaddress,
host_aliases => [$::hostname],
}
->
file { '/var/run/ceph': # workaround for bad sysvinit script (ignores socket)
ensure => directory,
owner => $apache_user,
}
->
ceph::rgw { 'radosgw.gateway':
frontend_type => 'apache-proxy-fcgi',
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
ceph::rgw::apache_proxy_fcgi { 'radosgw.gateway':
rgw_port => '8080',
proxy_pass => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/', 'params' => { 'retry' => '0' }},
}
EOS
osfamily = fact 'osfamily'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "radosgw-admin user create --uid=#{test_user} --display-name=#{test_user}"
shell "radosgw-admin subuser create --uid=#{test_user} --subuser=#{test_user}:swift --access=full"
shell "radosgw-admin key create --subuser=#{test_user}:swift --key-type=swift --secret='#{test_password}'"
shell "curl -i -H 'X-Auth-User: #{test_user}:swift' -H 'X-Auth-Key: #{test_password}' http://127.0.0.1:8080/auth/v1.0/" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/HTTP\/1\.1 204 No Content/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
end
it 'should configure keystone and rgw-proxy keystone integration' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
# this is needed for the refresh triggered by ceph::rgw::keystone
ceph::rgw { 'radosgw.gateway':
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
case $::osfamily {
'Debian': {
include ::apt
apt::source { 'cloudarchive-juno':
location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu',
release => 'trusty-updates/juno',
repos => 'main',
include_src => false,
required_packages => 'ubuntu-cloud-keyring',
}
Apt::Source['cloudarchive-juno'] -> Package['keystone','python-swiftclient']
Exec['apt_update'] -> Package['keystone','python-swiftclient']
}
'RedHat': {
yumrepo { 'openstack-juno':
descr => 'OpenStack Juno Repository',
baseurl => 'http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/',
enabled => '1',
gpgcheck => '1',
gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/juno/RPM-GPG-KEY-RDO-Juno',
priority => '15', # prefer over EPEL, but below ceph
}
Yumrepo<||> -> Package['python-swiftclient','keystone']
}
}
class { 'keystone':
verbose => true,
catalog_type => 'sql',
admin_token => '#{keystone_admin_token}',
admin_endpoint => "http://${::ipaddress}:35357",
}
->
class { 'keystone::roles::admin':
email => 'admin@example.com',
password => '#{keystone_password}',
}
->
class { 'keystone::endpoint':
public_url => "http://${::ipaddress}:5000",
admin_url => "http://${::ipaddress}:35357",
internal_url => "http://${::ipaddress}:5000",
region => 'example-1',
}
Service['keystone'] -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_service { 'swift':
ensure => present,
type => 'object-store',
description => 'Openstack Object Storage Service',
}
Keystone_service<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_endpoint { 'example-1/swift':
ensure => present,
public_url => "http://${::fqdn}:8080/swift/v1",
admin_url => "http://${::fqdn}:8080/swift/v1",
internal_url => "http://${::fqdn}:8080/swift/v1",
}
Keystone_endpoint<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
# add a testuser for validation below
keystone_user { '#{test_user}':
ensure => present,
enabled => true,
email => '#{test_email}',
password => '#{test_password}',
tenant => '#{test_tenant}',
}
Keystone_user<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_user_role { 'testuser@openstack':
ensure => present,
roles => ['_member_'],
}
Keystone_user_role<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
package { 'python-swiftclient': # required for tests below
ensure => present,
}
ceph::rgw::keystone { 'radosgw.gateway':
rgw_keystone_url => "http://${::ipaddress}:5000",
rgw_keystone_admin_token => '#{keystone_admin_token}',
}
EOS
osfamily = fact 'osfamily'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "swift -V 2.0 -A http://127.0.0.1:5000/v2.0 -U #{test_tenant}:#{test_user} -K #{test_password} stat" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/Content-Type: text\/plain; charset=utf-8/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
end
it 'should purge everything again' do
purge = <<-EOS
$radosgw = $::osfamily ? {
'RedHat' => 'ceph-radosgw',
default => 'radosgw',
}
class { 'keystone':
admin_token => 'keystonetoken',
enabled => false,
}
->
ceph::osd { '/srv/data':
ensure => absent,
}
->
ceph::mon { 'a': ensure => absent }
->
file { [
'/var/lib/ceph/bootstrap-osd/ceph.keyring',
'/var/lib/ceph/bootstrap-mds/ceph.keyring',
'/var/lib/ceph/nss/cert8.db',
'/var/lib/ceph/nss/key3.db',
'/var/lib/ceph/nss/secmod.db',
'/var/lib/ceph/radosgw/ceph-radosgw.gateway',
'/var/lib/ceph/radosgw',
'/var/lib/ceph/nss',
'/etc/ceph/ceph.client.admin.keyring',
'/etc/ceph/ceph.client.radosgw.gateway',
]:
ensure => absent
}
->
package { $radosgw: ensure => purged }
->
package { #{packages}:
ensure => purged
}
class { 'ceph::repo':
release => '#{release}',
ensure => absent,
}
class { 'apache':
service_ensure => stopped,
service_enable => false,
}
apache::vhost { "$fqdn-radosgw":
ensure => absent,
docroot => '/var/www',
}
EOS
osfamily = fact 'osfamily'
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(purge, :catch_failures => true)
end
end
end
end
# Local Variables:

219
spec/defines/ceph_rgw_apache_fastcgi_spec.rb Normal file
View File

@@ -0,0 +1,219 @@
#
# Copyright (C) 2014 Catalyst IT Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Author: Ricardo Rocha <ricardo@catalyst.net.nz>
# Author: David Gurtner <aldavud@crimson.ch>
#
require 'spec_helper'
describe 'ceph::rgw::apache_fastcgi' do
let :pre_condition do
"include ceph::params
class { 'ceph::repo':
fastcgi => true,
}"
end
describe 'Debian Family' do
let :facts do
{
:concat_basedir => '/var/lib/puppet/concat',
:fqdn => 'myhost.domain',
:hostname => 'myhost',
:osfamily => 'Debian',
:operatingsystem => 'Ubuntu',
:lsbdistid => 'Ubuntu',
:operatingsystemrelease => '14.04',
:lsbdistcodename => 'trusty',
:pkg_fastcgi => 'libapache2-mod-fastcgi',
}
end
describe 'activated with default params' do
let :title do
'radosgw.gateway'
end
it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( {
'servername' => 'myhost.domain',
'serveradmin' => 'root@localhost',
'port' => 80,
'docroot' => '/var/www',
'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1&params=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'access_log' => true,
'error_log' => true,
'fastcgi_server' => '/var/www/s3gw.fcgi',
'fastcgi_socket' => '/tmp/radosgw.sock',
'fastcgi_dir' => '/var/www',
})}
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::fastcgi') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
it { is_expected.to contain_file('/var/www/s3gw.fcgi').with({
'ensure' => 'file',
'owner' => 'root',
'group' => 'root',
'mode' => '0750',
'content' => "#!/bin/sh
exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n radosgw.gateway",
})}
end
describe "activated with custom params" do
let :title do
'myid'
end
let :params do
{
:rgw_dns_name => 'mydns.hostname',
:rgw_socket_path => '/some/location/radosgw.sock',
:rgw_port => 1111,
:admin_email => 'admin@hostname',
:fcgi_file => '/some/fcgi/filepath',
:syslog => false,
}
end
it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( {
'servername' => 'mydns.hostname',
'serveradmin' => 'admin@hostname',
'port' => 1111,
'docroot' => '/var/www',
'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1&params=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'access_log' => false,
'error_log' => false,
'fastcgi_server' => '/some/fcgi/filepath',
'fastcgi_socket' => '/some/location/radosgw.sock',
'fastcgi_dir' => '/var/www',
} ) }
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::fastcgi') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
it { is_expected.to contain_file('/some/fcgi/filepath') }
end
end
describe 'RedHat Family' do
let :facts do
{
:concat_basedir => '/var/lib/puppet/concat',
:fqdn => 'myhost.domain',
:hostname => 'myhost',
:osfamily => 'RedHat',
:operatingsystem => 'RedHat',
:operatingsystemrelease => '7.2',
:operatingsystemmajrelease => '7',
:pkg_fastcgi => 'libapache2-mod-fastcgi',
}
end
describe 'activated with default params' do
let :title do
'radosgw.gateway'
end
it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( {
'servername' => 'myhost.domain',
'serveradmin' => 'root@localhost',
'port' => 80,
'docroot' => '/var/www',
'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1&params=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'access_log' => true,
'error_log' => true,
'fastcgi_server' => '/var/www/s3gw.fcgi',
'fastcgi_socket' => '/tmp/radosgw.sock',
'fastcgi_dir' => '/var/www',
})}
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::fastcgi') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
it { is_expected.to contain_file('/var/www/s3gw.fcgi').with({
'ensure' => 'file',
'owner' => 'root',
'group' => 'root',
'mode' => '0750',
'content' => "#!/bin/sh
exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n radosgw.gateway",
})}
end
describe "activated with custom params" do
let :title do
'myid'
end
let :params do
{
:rgw_dns_name => 'mydns.hostname',
:rgw_socket_path => '/some/location/radosgw.sock',
:rgw_port => 1111,
:admin_email => 'admin@hostname',
:fcgi_file => '/some/fcgi/filepath',
:syslog => false,
}
end
it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( {
'servername' => 'mydns.hostname',
'serveradmin' => 'admin@hostname',
'port' => 1111,
'docroot' => '/var/www',
'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1&params=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'access_log' => false,
'error_log' => false,
'fastcgi_server' => '/some/fcgi/filepath',
'fastcgi_socket' => '/some/location/radosgw.sock',
'fastcgi_dir' => '/var/www',
} ) }
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::fastcgi') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
it { is_expected.to contain_file('/some/fcgi/filepath') }
end
end
end

183
spec/defines/ceph_rgw_apache_proxy_fcgi_spec.rb Normal file
View File

@@ -0,0 +1,183 @@
#
# Copyright (C) 2014 Catalyst IT Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Author: Ricardo Rocha <ricardo@catalyst.net.nz>
# Author: David Gurtner <aldavud@crimson.ch>
# Author: Oleksiy Molchanov <omolchanov@mirantis.com>
#
require 'spec_helper'
describe 'ceph::rgw::apache_proxy_fcgi' do
describe 'Debian Family' do
let :facts do
{
:concat_basedir => '/var/lib/puppet/concat',
:fqdn => 'myhost.domain',
:hostname => 'myhost',
:osfamily => 'Debian',
:operatingsystem => 'Ubuntu',
:lsbdistid => 'Ubuntu',
:operatingsystemrelease => '14.04',
:lsbdistcodename => 'trusty',
}
end
describe 'activated with default params' do
let :title do
'radosgw.gateway'
end
it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( {
'servername' => 'myhost.domain',
'serveradmin' => 'root@localhost',
'port' => 80,
'docroot' => '/var/www',
'access_log' => true,
'error_log' => true,
'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'setenv' => 'proxy-nokeepalive 1',
'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'},
})}
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::proxy') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
end
describe "activated with custom params" do
let :title do
'myid'
end
let :params do
{
:rgw_dns_name => 'mydns.hostname',
:rgw_port => 1111,
:admin_email => 'admin@hostname',
:syslog => false,
:proxy_pass => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9999/'},
}
end
it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( {
'servername' => 'mydns.hostname',
'serveradmin' => 'admin@hostname',
'port' => 1111,
'docroot' => '/var/www',
'access_log' => false,
'error_log' => false,
'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'setenv' => 'proxy-nokeepalive 1',
'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9999/'},
} ) }
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::proxy') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
end
end
describe 'RedHat Family' do
let :facts do
{
:concat_basedir => '/var/lib/puppet/concat',
:fqdn => 'myhost.domain',
:hostname => 'myhost',
:osfamily => 'RedHat',
:operatingsystem => 'RedHat',
:operatingsystemrelease => '7.2',
:operatingsystemmajrelease => '7',
}
end
describe 'activated with default params' do
let :title do
'radosgw.gateway'
end
it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( {
'servername' => 'myhost.domain',
'serveradmin' => 'root@localhost',
'port' => 80,
'docroot' => '/var/www',
'access_log' => true,
'error_log' => true,
'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'setenv' => 'proxy-nokeepalive 1',
'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'},
})}
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::proxy') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
end
describe "activated with custom params" do
let :title do
'myid'
end
let :params do
{
:rgw_dns_name => 'mydns.hostname',
:rgw_port => 1111,
:admin_email => 'admin@hostname',
:syslog => false,
:proxy_pass => {'path'=>'/', 'url'=>'fcgi://127.0.0.1:9999/'},
}
end
it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( {
'servername' => 'mydns.hostname',
'serveradmin' => 'admin@hostname',
'port' => 1111,
'docroot' => '/var/www',
'access_log' => false,
'error_log' => false,
'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]',
'setenv' => 'proxy-nokeepalive 1',
'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9999/'},
} ) }
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::alias') }
it { is_expected.to contain_class('apache::mod::auth_basic') }
it { is_expected.to contain_class('apache::mod::proxy') }
it { is_expected.to contain_class('apache::mod::mime') }
it { is_expected.to contain_class('apache::mod::rewrite') }
end
end
end

1
spec/defines/ceph_rgw_apache_spec.rb
View File

@@ -1,4 +1,3 @@
#
# Copyright (C) 2014 Catalyst IT Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");

8
spec/defines/ceph_rgw_keystone_spec.rb
View File

@@ -44,7 +44,7 @@ describe 'ceph::rgw::keystone' do
class { 'ceph::repo': fastcgi => true, }
include ceph
ceph::rgw { 'radosgw.gateway': }
ceph::rgw::apache { 'radosgw.gateway': }
ceph::rgw::apache_fastcgi { 'radosgw.gateway': }
"
end
@@ -93,7 +93,7 @@ openssl x509 -in /tmp/signing -pubkey | certutil -A -d /var/lib/ceph/nss -n sign
class { 'ceph': fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b' }
class { 'ceph::repo': fastcgi => true, }
ceph::rgw { 'radosgw.custom': }
ceph::rgw::apache { 'radosgw.custom': }
ceph::rgw::apache_fastcgi { 'radosgw.custom': }
"
end
@@ -162,7 +162,7 @@ openssl x509 -in /tmp/signing -pubkey | certutil -A -d /some/path/to/nss -n sign
class { 'ceph::repo': fastcgi => true, }
include ceph
ceph::rgw { 'radosgw.gateway': }
ceph::rgw::apache { 'radosgw.gateway': }
ceph::rgw::apache_fastcgi { 'radosgw.gateway': }
"
end
@@ -211,7 +211,7 @@ openssl x509 -in /tmp/signing -pubkey | certutil -A -d /var/lib/ceph/nss -n sign
class { 'ceph': fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b' }
class { 'ceph::repo': fastcgi => true, }
ceph::rgw { 'radosgw.custom': }
ceph::rgw::apache { 'radosgw.custom': }
ceph::rgw::apache_fastcgi { 'radosgw.custom': }
"
end