openstack/puppet-nova
Code Issues Proposed changes

Merge "Deprecate support for options used by standalone api services"

Browse Source
This commit is contained in:
Zuul
2025-07-14 14:21:08 +00:00
committed by Gerrit Code Review
parent c23c9227bc ee15079cd8
commit 7d42413bd0
5 changed files with 105 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
manifests/api.pp
View File

@@ -20,34 +20,6 @@
# (optional) Whether the nova api package will be installed
# Defaults to 'present'
#
# [*api_bind_address*]
# (optional) IP address for nova-api server to listen
# Defaults to $facts['os_service_default']
#
# [*metadata_listen*]
# (optional) IP address for metadata server to listen
# Defaults to $facts['os_service_default']
#
# [*metadata_listen_port*]
# (optional) The port on which the metadata API will listen.
# Defaults to $facts['os_service_default']
#
# [*enabled_apis*]
# (optional) A list of apis to enable
# Defaults to ['osapi_compute', 'metadata']
#
# [*osapi_compute_workers*]
# (optional) Number of workers for OpenStack API service
# Defaults to $facts['os_workers']
#
# [*osapi_compute_listen_port*]
# (optional) The port on which the OpenStack API will listen.
# Defaults to $facts['os_service_default']
#
# [*metadata_workers*]
# (optional) Number of workers for metadata service
# Defaults to $facts['os_workers']
#
# [*sync_db*]
# (optional) Run nova-manage db sync on api nodes after installing the package.
# Defaults to true
@@ -133,18 +105,41 @@
# the up cells.
# Defaults to $facts['os_service_default']
#
# DEPRECATED PARAMETERS
#
# [*api_bind_address*]
# (optional) IP address for nova-api server to listen
# Defaults to undef
#
# [*metadata_listen*]
# (optional) IP address for metadata server to listen
# Defaults to undef
#
# [*metadata_listen_port*]
# (optional) The port on which the metadata API will listen.
# Defaults to undef
#
# [*enabled_apis*]
# (optional) A list of apis to enable
# Defaults to undef
#
# [*osapi_compute_workers*]
# (optional) Number of workers for OpenStack API service
# Defaults to undef
#
# [*osapi_compute_listen_port*]
# (optional) The port on which the OpenStack API will listen.
# Defaults to undef
#
# [*metadata_workers*]
# (optional) Number of workers for metadata service
# Defaults to undef
#
class nova::api(
Boolean $enabled = true,
Boolean $manage_service = true,
$api_paste_config = 'api-paste.ini',
$ensure_package = 'present',
$api_bind_address = $facts['os_service_default'],
$osapi_compute_listen_port = $facts['os_service_default'],
$metadata_listen = $facts['os_service_default'],
$metadata_listen_port = $facts['os_service_default'],
$enabled_apis = ['osapi_compute', 'metadata'],
$osapi_compute_workers = $facts['os_workers'],
$metadata_workers = $facts['os_workers'],
Boolean $sync_db = true,
Boolean $sync_db_api = true,
Boolean $db_online_data_migrations = false,
@@ -162,6 +157,14 @@ class nova::api(
$instance_list_cells_batch_strategy = $facts['os_service_default'],
$instance_list_cells_batch_fixed_size = $facts['os_service_default'],
$list_records_by_skipping_down_cells = $facts['os_service_default'],
# DEPRECATED PARAMETERS
$api_bind_address = undef,
$osapi_compute_listen_port = undef,
$metadata_listen = undef,
$metadata_listen_port = undef,
$enabled_apis = undef,
$osapi_compute_workers = undef,
$metadata_workers = undef,
) inherits nova::params {
include nova::deps
@@ -171,11 +174,17 @@ class nova::api(
include nova::availability_zone
include nova::pci
# sanitize service_name and prepare DEFAULT/enabled_apis parameter
if $service_name == $::nova::params::api_service_name {
nova_config {
'DEFAULT/enabled_apis': value => join(any2array($enabled_apis), ',');
[
'api_bind_address', 'osapi_compute_listen_port',
'metadata_listen', 'metadata_listen_port',
'enabled_apis', 'osapi_compute_workers', 'metadata_workers',
].each |String $opt| {
if getvar($opt) != undef {
warning("The ${opt} parameter is deprecated and has no effect.")
}
}
if $service_name == $::nova::params::api_service_name {
$service_enabled = $enabled
if $manage_service {
@@ -183,9 +192,6 @@ class nova::api(
Nova_api_uwsgi_config<||> ~> Service['nova-api']
}
} elsif $service_name == 'httpd' {
nova_config {
'DEFAULT/enabled_apis': ensure => absent;
}
$service_enabled = false
policy_rcd { 'nova-api':
@@ -231,24 +237,14 @@ as a standalone service, or httpd for being run by a httpd server")
}
}
if $service_name != 'httpd' {
nova_config {
'DEFAULT/osapi_compute_listen': value => $api_bind_address;
'DEFAULT/osapi_compute_listen_port': value => $osapi_compute_listen_port;
'DEFAULT/osapi_compute_workers': value => $osapi_compute_workers;
'DEFAULT/metadata_workers': value => $metadata_workers;
'DEFAULT/metadata_listen': value => $metadata_listen;
'DEFAULT/metadata_listen_port': value => $metadata_listen_port;
}
} else {
nova_config {
'DEFAULT/osapi_compute_listen': ensure => absent;
'DEFAULT/osapi_compute_listen_port': ensure => absent;
'DEFAULT/osapi_compute_workers': ensure => absent;
'DEFAULT/metadata_workers': ensure => absent;
'DEFAULT/metadata_listen': ensure => absent;
'DEFAULT/metadata_listen_port': ensure => absent;
}
nova_config {
'DEFAULT/enabled_apis': ensure => absent;
'DEFAULT/osapi_compute_listen': ensure => absent;
'DEFAULT/osapi_compute_listen_port': ensure => absent;
'DEFAULT/osapi_compute_workers': ensure => absent;
'DEFAULT/metadata_workers': ensure => absent;
'DEFAULT/metadata_listen': ensure => absent;
'DEFAULT/metadata_listen_port': ensure => absent;
}
oslo::middleware {'nova_config':

55
manifests/init.pp
View File

@@ -400,11 +400,6 @@ class nova(
$report_interval = $facts['os_service_default'],
$periodic_fuzzy_delay = $facts['os_service_default'],
$rootwrap_config = '/etc/nova/rootwrap.conf',
Boolean $use_ssl = false,
Array[String[1]] $enabled_ssl_apis = ['metadata', 'osapi_compute'],
$ca_file = undef,
$cert_file = undef,
$key_file = undef,
Optional[Nova::SshKey] $nova_public_key = undef,
Optional[Nova::SshKey] $nova_private_key = undef,
$record = $facts['os_service_default'],
@@ -437,23 +432,24 @@ class nova(
# DEPRECATED PARAMETERS
$auth_strategy = undef,
$rabbit_heartbeat_in_pthread = undef,
$use_ssl = undef,
$enabled_ssl_apis = undef,
$ca_file = undef,
$cert_file = undef,
$key_file = undef,
) inherits nova::params {
include nova::deps
include nova::workarounds
if empty($enabled_ssl_apis) and $use_ssl {
warning('enabled_ssl_apis is empty but use_ssl is set to true')
[
'use_ssl', 'enabled_ssl_apis', 'ca_file', 'cert_file', 'key_file'
].each |String $opt| {
if getvar($opt) != undef {
warning("The ${opt} parameter is deprecated and has no effect.")
}
}
if $use_ssl {
if !$cert_file {
fail('The cert_file parameter is required when use_ssl is set to true')
}
if !$key_file {
fail('The key_file parameter is required when use_ssl is set to true')
}
}
if $nova_public_key or $nova_private_key {
file { '/var/lib/nova/.ssh':
@@ -561,30 +557,11 @@ class nova(
rabbit_retry_interval => $rabbit_retry_interval,
}
# SSL Options
if $use_ssl {
nova_config {
'DEFAULT/enabled_ssl_apis': value => join($enabled_ssl_apis, ',');
'wsgi/ssl_cert_file': value => $cert_file;
'wsgi/ssl_key_file': value => $key_file;
}
if $ca_file {
nova_config {
'wsgi/ssl_ca_file': value => $ca_file;
}
} else {
nova_config {
'wsgi/ssl_ca_file': ensure => absent;
}
}
} else {
nova_config {
'DEFAULT/enabled_ssl_apis': ensure => absent;
'wsgi/ssl_cert_file': ensure => absent;
'wsgi/ssl_key_file': ensure => absent;
'wsgi/ssl_ca_file': ensure => absent;
}
nova_config {
'DEFAULT/enabled_ssl_apis': ensure => absent;
'wsgi/ssl_cert_file': ensure => absent;
'wsgi/ssl_key_file': ensure => absent;
'wsgi/ssl_ca_file': ensure => absent;
}
oslo::messaging::default { 'nova_config':

22
releasenotes/notes/deprecate-opts-for-standalone-api-2fb16814a77706f7.yaml Normal file
View File

@@ -0,0 +1,22 @@
---
deprecations:
- |
The following parmaeters have been deprecated and have no effect now.
- The ``nova::api`` class
- ``api_bind_address``
- ``metadata_listen``
- ``metadata_listen_port``
- ``enabled_apis``
- ``osapi_compute_workers``
- ``osapi_compute_listen_port``
- ``metadata_workers``
- The ``nova`` class
- ``use_ssl``
- ``enabled_ssl_apis``
- ``ca_file``
- ``cert_file``
- ``key_file``

42
spec/classes/nova_api_spec.rb
View File

@@ -37,26 +37,26 @@ describe 'nova::api' do
is_expected.to contain_package('nova-api').that_notifies('Anchor[nova::install::end]')
end
it 'enable metadata in evenlet configuration' do
is_expected.to contain_nova_config('DEFAULT/enabled_apis').with_value('osapi_compute,metadata')
end
it { is_expected.to contain_class('nova::availability_zone') }
it 'clears eventlet options' do
is_expected.to contain_nova_config('DEFAULT/enabled_apis').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_workers').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen_port').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/metadata_workers').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/metadata_listen').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/metadata_listen_port').with_ensure('absent')
end
it 'configures various stuff' do
is_expected.to contain_nova_config('wsgi/api_paste_config').with_value('api-paste.ini')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen').with_value('<SERVICE DEFAULT>')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen_port').with_value('<SERVICE DEFAULT>')
is_expected.to contain_nova_config('DEFAULT/metadata_listen').with_value('<SERVICE DEFAULT>')
is_expected.to contain_nova_config('DEFAULT/metadata_listen_port').with_value('<SERVICE DEFAULT>')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_workers').with_value('5')
is_expected.to contain_nova_config('DEFAULT/metadata_workers').with_value('5')
is_expected.to contain_oslo__middleware('nova_config').with(
:enable_proxy_headers_parsing => '<SERVICE DEFAULT>',
:max_request_body_size => '<SERVICE DEFAULT>',
)
is_expected.to contain_nova_config('api/max_limit').with_value('<SERVICE DEFAULT>')
is_expected.to contain_nova_config('api/compute_link_prefix').with_value('<SERVICE DEFAULT>')
is_expected.to contain_nova_config('api/glance_link_prefix').with_value('<SERVICE DEFAULT>')
is_expected.to contain_nova_config('api/enable_instance_password').with_value('<SERVICE DEFAULT>')
@@ -74,12 +74,6 @@ describe 'nova::api' do
params.merge!({
:enabled => false,
:ensure_package => '2012.1-2',
:api_bind_address => '192.168.56.210',
:metadata_listen => '127.0.0.1',
:metadata_listen_port => 8875,
:osapi_compute_listen_port => 8874,
:osapi_compute_workers => 1,
:metadata_workers => 2,
:enable_proxy_headers_parsing => true,
:max_request_body_size => '102400',
:max_limit => 1000,
@@ -111,12 +105,6 @@ describe 'nova::api' do
end
it 'configures various stuff' do
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen').with_value('192.168.56.210')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen_port').with_value('8874')
is_expected.to contain_nova_config('DEFAULT/metadata_listen').with_value('127.0.0.1')
is_expected.to contain_nova_config('DEFAULT/metadata_listen_port').with_value('8875')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_workers').with_value('1')
is_expected.to contain_nova_config('DEFAULT/metadata_workers').with_value('2')
is_expected.to contain_nova_config('api/max_limit').with_value('1000')
is_expected.to contain_nova_config('api/compute_link_prefix').with_value('https://10.0.0.1:7777/')
is_expected.to contain_nova_config('api/glance_link_prefix').with_value('https://10.0.0.1:6666/')
@@ -166,15 +154,7 @@ describe 'nova::api' do
:enable => false,
:tag => 'nova-service',
)
is_expected.to contain_nova_config('DEFAULT/enabled_apis').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_workers').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/osapi_compute_listen_port').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/metadata_workers').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/metadata_listen').with_ensure('absent')
is_expected.to contain_nova_config('DEFAULT/metadata_listen_port').with_ensure('absent')
end
end
context 'when service_name is not valid' do

47
spec/classes/nova_init_spec.rb
View File

@@ -329,53 +329,6 @@ describe 'nova' do
end
end
context 'with SSL socket options set' do
let :params do
{
:use_ssl => true,
:enabled_ssl_apis => ['osapi_compute'],
:cert_file => '/path/to/cert',
:ca_file => '/path/to/ca',
:key_file => '/path/to/key',
}
end
it { is_expected.to contain_nova_config('DEFAULT/enabled_ssl_apis').with_value('osapi_compute') }
it { is_expected.to contain_nova_config('wsgi/ssl_ca_file').with_value('/path/to/ca') }
it { is_expected.to contain_nova_config('wsgi/ssl_cert_file').with_value('/path/to/cert') }
it { is_expected.to contain_nova_config('wsgi/ssl_key_file').with_value('/path/to/key') }
end
context 'with SSL socket options set with wrong parameters' do
let :params do
{
:use_ssl => true,
:enabled_ssl_apis => ['osapi_compute'],
:ca_file => '/path/to/ca',
:key_file => '/path/to/key',
}
end
it_raises 'a Puppet::Error', /The cert_file parameter is required when use_ssl is set to true/
end
context 'with SSL socket options set to false' do
let :params do
{
:use_ssl => false,
:enabled_ssl_apis => [],
:cert_file => false,
:ca_file => false,
:key_file => false,
}
end
it { is_expected.to contain_nova_config('DEFAULT/enabled_ssl_apis').with_ensure('absent') }
it { is_expected.to contain_nova_config('wsgi/ssl_ca_file').with_ensure('absent') }
it { is_expected.to contain_nova_config('wsgi/ssl_cert_file').with_ensure('absent') }
it { is_expected.to contain_nova_config('wsgi/ssl_key_file').with_ensure('absent') }
end
context 'with allocation ratios set' do
let :params do
{