Support [metadata_rate_limiting] options
... which were added in the 2023.2 release[1]. [1] 5f4a41326d7b1da03e1929b4fd8bcdaf69da19ab Change-Id: I791f7a76c3ca2dc6715b84ef289f56e437ac50a9
This commit is contained in:
parent
f3d1c575ca
commit
97dc19f1f6
62
manifests/agents/dhcp/metadata_rate_limiting.pp
Normal file
62
manifests/agents/dhcp/metadata_rate_limiting.pp
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
#
|
||||||
|
# == Class: neutron::agents:dhcp::metadata_rate_limiting
|
||||||
|
#
|
||||||
|
# Setups metadata ratelimit options for dhcp agent
|
||||||
|
#
|
||||||
|
# === Parameters
|
||||||
|
#
|
||||||
|
# [*rate_limit_enabled*]
|
||||||
|
# (Optional) Enable rate limiting on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*ip_versions*]
|
||||||
|
# (Optional) List of the metadata address IP versions for which rate limiting
|
||||||
|
# will be enabled.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*base_window_duration*]
|
||||||
|
# (Optional) Duration (seconds) of the base window on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*base_query_rate_limit*]
|
||||||
|
# (Optional) Max number of queries to accept during the base window.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*burst_window_duration*]
|
||||||
|
# (Optional) Duration (seconds) of the burst window on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*burst_query_rate_limit*]
|
||||||
|
# (Optional) Max number of queries to accept during the burst window.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
class neutron::agents::dhcp::metadata_rate_limiting (
|
||||||
|
$rate_limit_enabled = $facts['os_service_default'],
|
||||||
|
$ip_versions = $facts['os_service_default'],
|
||||||
|
$base_window_duration = $facts['os_service_default'],
|
||||||
|
$base_query_rate_limit = $facts['os_service_default'],
|
||||||
|
$burst_window_duration = $facts['os_service_default'],
|
||||||
|
$burst_query_rate_limit = $facts['os_service_default'],
|
||||||
|
) {
|
||||||
|
include neutron::deps
|
||||||
|
|
||||||
|
neutron_dhcp_agent_config {
|
||||||
|
'metadata_rate_limiting/rate_limit_enabled': value => $rate_limit_enabled;
|
||||||
|
'metadata_rate_limiting/ip_versions': value => join(any2array($ip_versions), ',');
|
||||||
|
'metadata_rate_limiting/base_window_duration': value => $base_window_duration;
|
||||||
|
'metadata_rate_limiting/base_query_rate_limit': value => $base_query_rate_limit;
|
||||||
|
'metadata_rate_limiting/burst_window_duration': value => $burst_window_duration;
|
||||||
|
'metadata_rate_limiting/burst_query_rate_limit': value => $burst_query_rate_limit;
|
||||||
|
}
|
||||||
|
}
|
62
manifests/agents/l3/metadata_rate_limiting.pp
Normal file
62
manifests/agents/l3/metadata_rate_limiting.pp
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
#
|
||||||
|
# == Class: neutron::agents:l3::metadata_rate_limiting
|
||||||
|
#
|
||||||
|
# Setups metadata ratelimit options for l3 agent
|
||||||
|
#
|
||||||
|
# === Parameters
|
||||||
|
#
|
||||||
|
# [*rate_limit_enabled*]
|
||||||
|
# (Optional) Enable rate limiting on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*ip_versions*]
|
||||||
|
# (Optional) List of the metadata address IP versions for which rate limiting
|
||||||
|
# will be enabled.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*base_window_duration*]
|
||||||
|
# (Optional) Duration (seconds) of the base window on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*base_query_rate_limit*]
|
||||||
|
# (Optional) Max number of queries to accept during the base window.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*burst_window_duration*]
|
||||||
|
# (Optional) Duration (seconds) of the burst window on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*burst_query_rate_limit*]
|
||||||
|
# (Optional) Max number of queries to accept during the burst window.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
class neutron::agents::l3::metadata_rate_limiting (
|
||||||
|
$rate_limit_enabled = $facts['os_service_default'],
|
||||||
|
$ip_versions = $facts['os_service_default'],
|
||||||
|
$base_window_duration = $facts['os_service_default'],
|
||||||
|
$base_query_rate_limit = $facts['os_service_default'],
|
||||||
|
$burst_window_duration = $facts['os_service_default'],
|
||||||
|
$burst_query_rate_limit = $facts['os_service_default'],
|
||||||
|
) {
|
||||||
|
include neutron::deps
|
||||||
|
|
||||||
|
neutron_l3_agent_config {
|
||||||
|
'metadata_rate_limiting/rate_limit_enabled': value => $rate_limit_enabled;
|
||||||
|
'metadata_rate_limiting/ip_versions': value => join(any2array($ip_versions), ',');
|
||||||
|
'metadata_rate_limiting/base_window_duration': value => $base_window_duration;
|
||||||
|
'metadata_rate_limiting/base_query_rate_limit': value => $base_query_rate_limit;
|
||||||
|
'metadata_rate_limiting/burst_window_duration': value => $burst_window_duration;
|
||||||
|
'metadata_rate_limiting/burst_query_rate_limit': value => $burst_query_rate_limit;
|
||||||
|
}
|
||||||
|
}
|
62
manifests/agents/ovn_metadata/metadata_rate_limiting.pp
Normal file
62
manifests/agents/ovn_metadata/metadata_rate_limiting.pp
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
#
|
||||||
|
# == Class: neutron::agents:ovn_metadata::metadata_rate_limiting
|
||||||
|
#
|
||||||
|
# Setups metadata ratelimit options for ovn metadata agent
|
||||||
|
#
|
||||||
|
# === Parameters
|
||||||
|
#
|
||||||
|
# [*rate_limit_enabled*]
|
||||||
|
# (Optional) Enable rate limiting on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*ip_versions*]
|
||||||
|
# (Optional) List of the metadata address IP versions for which rate limiting
|
||||||
|
# will be enabled.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*base_window_duration*]
|
||||||
|
# (Optional) Duration (seconds) of the base window on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*base_query_rate_limit*]
|
||||||
|
# (Optional) Max number of queries to accept during the base window.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*burst_window_duration*]
|
||||||
|
# (Optional) Duration (seconds) of the burst window on the metadata API.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
# [*burst_query_rate_limit*]
|
||||||
|
# (Optional) Max number of queries to accept during the burst window.
|
||||||
|
# Defaults to $facts['os_service_default'].
|
||||||
|
#
|
||||||
|
class neutron::agents::ovn_metadata::metadata_rate_limiting (
|
||||||
|
$rate_limit_enabled = $facts['os_service_default'],
|
||||||
|
$ip_versions = $facts['os_service_default'],
|
||||||
|
$base_window_duration = $facts['os_service_default'],
|
||||||
|
$base_query_rate_limit = $facts['os_service_default'],
|
||||||
|
$burst_window_duration = $facts['os_service_default'],
|
||||||
|
$burst_query_rate_limit = $facts['os_service_default'],
|
||||||
|
) {
|
||||||
|
include neutron::deps
|
||||||
|
|
||||||
|
ovn_metadata_agent_config {
|
||||||
|
'metadata_rate_limiting/rate_limit_enabled': value => $rate_limit_enabled;
|
||||||
|
'metadata_rate_limiting/ip_versions': value => join(any2array($ip_versions), ',');
|
||||||
|
'metadata_rate_limiting/base_window_duration': value => $base_window_duration;
|
||||||
|
'metadata_rate_limiting/base_query_rate_limit': value => $base_query_rate_limit;
|
||||||
|
'metadata_rate_limiting/burst_window_duration': value => $burst_window_duration;
|
||||||
|
'metadata_rate_limiting/burst_query_rate_limit': value => $burst_query_rate_limit;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
The following three classes have been added, to support configuration of
|
||||||
|
``[metadata_rate_limiting]`` options.
|
||||||
|
|
||||||
|
- ``neutron::agents::dhcp::metadata_rate_limiting``
|
||||||
|
- ``neutron::agents::l3::metadata_rate_limiting``
|
||||||
|
- ``neutron::agents::ovn_metadata::metadata_rate_limiting``
|
@ -0,0 +1,49 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'neutron::agents::dhcp::metadata_rate_limiting' do
|
||||||
|
shared_examples 'neutron::agents::dhcp::metadata_rate_limiting' do
|
||||||
|
context 'with defaults' do
|
||||||
|
it 'configures the default values' do
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/rate_limit_enabled').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/ip_versions').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/base_window_duration').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/base_query_rate_limit').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/burst_window_duration').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/burst_query_rate_limit').with_value('<SERVICE DEFAULT>');
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with parameters' do
|
||||||
|
let :params do
|
||||||
|
{
|
||||||
|
:rate_limit_enabled => false,
|
||||||
|
:ip_versions => [4],
|
||||||
|
:base_window_duration => 10,
|
||||||
|
:base_query_rate_limit => 11,
|
||||||
|
:burst_window_duration => 12,
|
||||||
|
:burst_query_rate_limit => 13,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
it 'configures the given values' do
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/rate_limit_enabled').with_value(false);
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/ip_versions').with_value(4);
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/base_window_duration').with_value(10);
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/base_query_rate_limit').with_value(11);
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/burst_window_duration').with_value(12);
|
||||||
|
should contain_neutron_dhcp_agent_config('metadata_rate_limiting/burst_query_rate_limit').with_value(13);
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
on_supported_os({
|
||||||
|
:supported_os => OSDefaults.get_supported_os
|
||||||
|
}).each do |os,facts|
|
||||||
|
context "on #{os}" do
|
||||||
|
let (:facts) do
|
||||||
|
facts.merge!(OSDefaults.get_facts())
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'neutron::agents::dhcp::metadata_rate_limiting'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
@ -0,0 +1,49 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'neutron::agents::l3::metadata_rate_limiting' do
|
||||||
|
shared_examples 'neutron::agents::l3::metadata_rate_limiting' do
|
||||||
|
context 'with defaults' do
|
||||||
|
it 'configures the default values' do
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/rate_limit_enabled').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/ip_versions').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/base_window_duration').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/base_query_rate_limit').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/burst_window_duration').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/burst_query_rate_limit').with_value('<SERVICE DEFAULT>');
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with parameters' do
|
||||||
|
let :params do
|
||||||
|
{
|
||||||
|
:rate_limit_enabled => false,
|
||||||
|
:ip_versions => [4],
|
||||||
|
:base_window_duration => 10,
|
||||||
|
:base_query_rate_limit => 11,
|
||||||
|
:burst_window_duration => 12,
|
||||||
|
:burst_query_rate_limit => 13,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
it 'configures the given values' do
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/rate_limit_enabled').with_value(false);
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/ip_versions').with_value(4);
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/base_window_duration').with_value(10);
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/base_query_rate_limit').with_value(11);
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/burst_window_duration').with_value(12);
|
||||||
|
should contain_neutron_l3_agent_config('metadata_rate_limiting/burst_query_rate_limit').with_value(13);
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
on_supported_os({
|
||||||
|
:supported_os => OSDefaults.get_supported_os
|
||||||
|
}).each do |os,facts|
|
||||||
|
context "on #{os}" do
|
||||||
|
let (:facts) do
|
||||||
|
facts.merge!(OSDefaults.get_facts())
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'neutron::agents::l3::metadata_rate_limiting'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
@ -0,0 +1,49 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'neutron::agents::ovn_metadata::metadata_rate_limiting' do
|
||||||
|
shared_examples 'neutron::agents::ovn_metadata::metadata_rate_limiting' do
|
||||||
|
context 'with defaults' do
|
||||||
|
it 'configures the default values' do
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/rate_limit_enabled').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/ip_versions').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/base_window_duration').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/base_query_rate_limit').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/burst_window_duration').with_value('<SERVICE DEFAULT>');
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/burst_query_rate_limit').with_value('<SERVICE DEFAULT>');
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with parameters' do
|
||||||
|
let :params do
|
||||||
|
{
|
||||||
|
:rate_limit_enabled => false,
|
||||||
|
:ip_versions => [4],
|
||||||
|
:base_window_duration => 10,
|
||||||
|
:base_query_rate_limit => 11,
|
||||||
|
:burst_window_duration => 12,
|
||||||
|
:burst_query_rate_limit => 13,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
it 'configures the given values' do
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/rate_limit_enabled').with_value(false);
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/ip_versions').with_value(4);
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/base_window_duration').with_value(10);
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/base_query_rate_limit').with_value(11);
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/burst_window_duration').with_value(12);
|
||||||
|
should contain_ovn_metadata_agent_config('metadata_rate_limiting/burst_query_rate_limit').with_value(13);
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
on_supported_os({
|
||||||
|
:supported_os => OSDefaults.get_supported_os
|
||||||
|
}).each do |os,facts|
|
||||||
|
context "on #{os}" do
|
||||||
|
let (:facts) do
|
||||||
|
facts.merge!(OSDefaults.get_facts())
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'neutron::agents::ovn_metadata::metadata_rate_limiting'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue
Block a user