openstack/puppet-magnum
Code Issues Proposed changes

Add Magnum API WSGI support

Browse Source 
Adds support for running the Magnum API under WSGI with Apache.

Change-Id: I6c564992218a0802981eece5bff8b2a4a7a85f7c
This commit is contained in:
Tobias Urdin 2018-09-19 00:16:17 +02:00
parent 602855ec68
commit e16f87c6ac
5 changed files with 264 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
manifests/api.pp
View File

@ -12,6 +12,19 @@
# (Optional) Define if the service should be enabled or not.
# Defaults to true
#
# [*manage_service*]
# (Optional) Whether the service should be managed by Puppet.
# Defaults to true
#
# [*service_name*]
# (Optional) Name of the service that will be providing the
# server functionality of magnum-api.
# If the value is 'httpd', this means magnum-api will be a web
# service, and you must use another class to configure that
# web service. For example, use class { 'magnum::wsgi::apache'...}
# to make magnum-api be a web app using apache mod_wsgi.
# Defaults to $::magnum::params::api_service
#
# [*port*]
# (Optional) The port for the Magnum API server.
# Defaults to '9511'
@ -54,6 +67,8 @@
class magnum::api(
$package_ensure = 'present',
$enabled = true,
$manage_service = true,
$service_name = $::magnum::params::api_service,
$port = '9511',
$host = '127.0.0.1',
$max_limit = '1000',
@ -63,7 +78,7 @@ class magnum::api(
$ssl_cert_file = $::os_service_default,
$ssl_key_file = $::os_service_default,
$workers = $::os_workers,
) {
) inherits magnum::params {
include ::magnum::deps
include ::magnum::params
@ -102,19 +117,33 @@ class magnum::api(
}
}
if $enabled {
$ensure = 'running'
} else {
$ensure = 'stopped'
}
if $manage_service {
if $enabled {
$ensure = 'running'
} else {
$ensure = 'stopped'
}
# Manage service
service { 'magnum-api':
ensure => $ensure,
name => $::magnum::params::api_service,
enable => $enabled,
hasstatus => true,
tag => ['magnum-service', 'magnum-db-sync-service'],
if $service_name == $::magnum::params::api_service {
service { 'magnum-api':
ensure => $ensure,
name => $::magnum::params::api_service,
enable => $enabled,
hasstatus => true,
tag => ['magnum-service', 'magnum-db-sync-service'],
}
} elsif $service_name == 'httpd' {
include ::apache::params
service { 'magnum-api':
ensure => 'stopped',
name => $::magnum::params::api_service,
enable => false,
hasstatus => true,
tag => ['magnum-service', 'magnum-db-sync-service'],
}
Service['magnum-api'] -> Service[$service_name]
Service<| title == 'httpd' |> { tag +> ['magnum-service', 'magnum-db-sync-service'] }
}
}
if $auth_strategy == 'keystone' {

30
manifests/params.pp
View File

@ -7,31 +7,37 @@ class magnum::params {
if ($::os_package_type == 'debian') {
$pyvers = '3'
$pyver3 = '3'
} else {
$pyvers = ''
$pyver3 = '2.7'
}
$group = 'magnum'
case $::osfamily {
'RedHat': {
# package names
$common_package = 'openstack-magnum-common'
$api_package = 'openstack-magnum-api'
$conductor_package = 'openstack-magnum-conductor'
$common_package = 'openstack-magnum-common'
$api_package = 'openstack-magnum-api'
$conductor_package = 'openstack-magnum-conductor'
# service names
$api_service = 'openstack-magnum-api'
$conductor_service = 'openstack-magnum-conductor'
$client_package = 'python2-magnumclient'
$api_service = 'openstack-magnum-api'
$conductor_service = 'openstack-magnum-conductor'
$client_package = 'python2-magnumclient'
$wsgi_script_path = '/var/www/cgi-bin/magnum'
$wsgi_script_source = '/usr/lib/python2.7/site-packages/magnum/api/app.wsgi'
}
'Debian': {
# package names
$common_package = 'magnum-common'
$api_package = 'magnum-api'
$conductor_package = 'magnum-conductor'
$common_package = 'magnum-common'
$api_package = 'magnum-api'
$conductor_package = 'magnum-conductor'
# service names
$api_service = 'magnum-api'
$conductor_service = 'magnum-conductor'
$client_package = "python${pyvers}-magnumclient"
$api_service = 'magnum-api'
$conductor_service = 'magnum-conductor'
$client_package = "python${pyvers}-magnumclient"
$wsgi_script_path = '/usr/lib/cgi-bin/magnum'
$wsgi_script_source = "/usr/lib/python${pyver3}/dist-packages/magnum/api/app.wsgi"
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem")

155
manifests/wsgi/apache.pp Normal file
View File

@ -0,0 +1,155 @@
#
# Copyright (C) 2018 Binero
#
# Author: Tobias Urdin <tobias.urdin@binero.se>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: magnum::wsgi::apache
#
# Install Magnum API under apache with mod_wsgi.
#
# == Parameters:
#
# [*servername*]
# (Optional) The servername for the virtualhost.
# Defaults to $::fqdn
#
# [*port*]
# (Optional) The port.
# Defaults to 9511
#
# [*bind_host*]
# (Optional) The host/ip address Apache will listen on.
# Defaults to undef (listen on all ip addresses).
#
# [*path*]
# (Optional) The prefix for the endpoint.
# Defaults to '/'
#
# [*ssl*]
# (Optional) Use ssl.
# Defaults to false
#
# [*workers*]
# (Optional) Number of WSGI workers to spawn.
# Defaults to $::os_workers
#
# [*priority*]
# (Optional) The priority for the vhost.
# Defaults to '10'
#
# [*threads*]
# (Optional) The number of threads for the vhost.
# Defaults to 1
#
# [*wsgi_process_display_name*]
# (Optional) Name of the WSGI process display-name.
# Defaults to undef
#
# [*ssl_cert*]
# [*ssl_key*]
# [*ssl_chain*]
# [*ssl_ca*]
# [*ssl_crl_path*]
# [*ssl_crl*]
# [*ssl_certs_dir*]
# (Optional) apache::vhost ssl parameters.
# Default to apache::vhost 'ssl_*' defaults
#
# [*access_log_file*]
# (Optional) The log file name for the virtualhost.
# Defaults to false
#
# [*access_log_format*]
# (Optional) The log format for the virtualhost.
# Defaults to false
#
# [*error_log_file*]
# (Optional) The error log file name for the virtualhost.
# Defaults to undef
#
# [*custom_wsgi_process_options*]
# (Optional) gives you the oportunity to add custom process options or to
# overwrite the default options for the WSGI main process.
# eg. to use a virtual python environment for the WSGI process
# you could set it to:
# { python-path => '/my/python/virtualenv' }
# Defaults to {}
#
# == Example:
#
# include apache
# class { 'magnum::wsgi::apache': }
#
class magnum::wsgi::apache (
$servername = $::fqdn,
$port = 9511,
$bind_host = undef,
$path = '/',
$ssl = false,
$workers = $::os_workers,
$ssl_cert = undef,
$ssl_key = undef,
$ssl_chain = undef,
$ssl_ca = undef,
$ssl_crl_path = undef,
$ssl_crl = undef,
$ssl_certs_dir = undef,
$wsgi_process_display_name = undef,
$threads = 1,
$priority = '10',
$access_log_file = false,
$access_log_format = false,
$error_log_file = undef,
$custom_wsgi_process_options = {},
) {
include ::magnum::deps
include ::magnum::params
include ::apache
include ::apache::mod::wsgi
if $ssl {
include ::apache::mod::ssl
}
::openstacklib::wsgi::apache { 'magnum_wsgi':
bind_host => $bind_host,
bind_port => $port,
group => 'magnum',
path => $path,
priority => $priority,
servername => $servername,
ssl => $ssl,
ssl_ca => $ssl_ca,
ssl_cert => $ssl_cert,
ssl_certs_dir => $ssl_certs_dir,
ssl_chain => $ssl_chain,
ssl_crl => $ssl_crl,
ssl_crl_path => $ssl_crl_path,
ssl_key => $ssl_key,
threads => $threads,
user => 'magnum',
workers => $workers,
wsgi_daemon_process => 'magnum',
wsgi_process_display_name => $wsgi_process_display_name,
wsgi_process_group => 'magnum',
wsgi_script_dir => $::magnum::params::wsgi_script_path,
wsgi_script_file => 'app',
wsgi_script_source => $::magnum::params::wsgi_script_source,
access_log_file => $access_log_file,
access_log_format => $access_log_format,
error_log_file => $error_log_file,
custom_wsgi_process_options => $custom_wsgi_process_options,
require => Anchor['magnum::install::end'],
}
}

8
releasenotes/notes/magnum-api-wsgi-d0740524e4232379.yaml Normal file
View File

@ -0,0 +1,8 @@
---
features:
- |
Added magnum::api::manage_service that can be used to determine if we should
manage the service state or not.
- |
Added new class magnum::wsgi::apache, you can now run the magnum API under
Apache with mod_wsgi.

50
spec/classes/magnum_api_spec.rb
View File

@ -36,13 +36,11 @@ describe 'magnum::api' do
it { is_expected.to contain_class('magnum::policy') }
it 'configures magnum api package' do
if platform_params.has_key?(:api_package)
is_expected.to contain_package('magnum-api').with(
:ensure => p[:package_ensure],
:name => platform_params[:api_package],
:tag => ['openstack', 'magnum-package'],
)
end
is_expected.to contain_package('magnum-api').with(
:ensure => p[:package_ensure],
:name => platform_params[:api_package],
:tag => ['openstack', 'magnum-package'],
)
end
it 'ensures magnum api service is running' do
@ -95,6 +93,32 @@ describe 'magnum::api' do
end
end
shared_examples 'magnum-api wsgi' do
let :pre_condition do
"include ::magnum
class { 'magnum::keystone::authtoken':
password => 'secret',
}
include ::apache"
end
let :params do
{
:service_name => 'httpd',
}
end
context 'with required params' do
it { should contain_service('magnum-api').with(
:ensure => 'stopped',
:name => platform_params[:api_service],
:enable => false,
:hasstatus => true,
:tag => ['magnum-service', 'magnum-db-sync-service'],
)}
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
@ -103,11 +127,19 @@ describe 'magnum::api' do
facts.merge!(OSDefaults.get_facts())
end
let :platform_params do
{ :api_service => 'magnum-api' }
let(:platform_params) do
case facts[:osfamily]
when 'Debian'
{ :api_package => 'magnum-api',
:api_service => 'magnum-api' }
when 'RedHat'
{ :api_package => 'openstack-magnum-api',
:api_service => 'openstack-magnum-api' }
end
end
it_configures 'magnum-api'
it_configures 'magnum-api wsgi'
end
end