From 0f7bdd733aa4c090a8c6b1db3b92ce9184616186 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Mon, 26 Jun 2023 18:15:17 +0900 Subject: [PATCH] replace validate_legacy the validate_legacy function is marked for deprecation in v9.0.0 from puppetlabs-stdlib. Change-Id: I920294342c9c2c0567796f345cbfa9e39bb1f1d3 --- .../functions/validate_tempauth_account.rb | 44 ++++++ manifests/config.pp | 22 +-- manifests/containerreconciler.pp | 26 ++-- manifests/internal_client.pp | 6 +- manifests/proxy.pp | 66 ++++----- manifests/proxy/ratelimit.pp | 17 +-- manifests/proxy/tempauth.pp | 34 +---- manifests/ringbuilder/create.pp | 25 ++-- manifests/ringbuilder/policy_ring.pp | 37 +++-- manifests/ringbuilder/rebalance.pp | 28 ++-- manifests/ringsync.pp | 9 +- manifests/storage/drive_audit.pp | 50 ++++--- manifests/storage/generic.pp | 37 ++--- manifests/storage/mount.pp | 6 +- manifests/storage/node.pp | 7 +- manifests/storage/server.pp | 125 ++++++++-------- manifests/storage/xfs.pp | 14 +- .../validate_tempauth_account_spec.rb | 133 ++++++++++++++++++ spec/type_aliases/ringtype_spec.rb | 29 ++++ spec/type_aliases/storageservertype_spec.rb | 27 ++++ types/pipeline.pp | 1 + types/ringtype.pp | 8 ++ types/storageservertype.pp | 5 + 23 files changed, 475 insertions(+), 281 deletions(-) create mode 100644 lib/puppet/functions/validate_tempauth_account.rb create mode 100644 spec/functions/validate_tempauth_account_spec.rb create mode 100644 spec/type_aliases/ringtype_spec.rb create mode 100644 spec/type_aliases/storageservertype_spec.rb create mode 100644 types/pipeline.pp create mode 100644 types/ringtype.pp create mode 100644 types/storageservertype.pp diff --git a/lib/puppet/functions/validate_tempauth_account.rb b/lib/puppet/functions/validate_tempauth_account.rb new file mode 100644 index 00000000..68f513bb --- /dev/null +++ b/lib/puppet/functions/validate_tempauth_account.rb @@ -0,0 +1,44 @@ +Puppet::Functions.create_function(:validate_tempauth_account) do + def validate_tempauth_account(*args) + if args.size > 1 + raise Puppet::Error, "validate_tempauth_account takes only a single argument, #{args.size} provided" + end + arg = args[0] + + if not arg.kind_of?(Hash) + raise Puppet::Error, "non-hash argument provided to validate_tempauth_account" + end + + ['user', 'account', 'key'].each do |key| + if arg.has_key?(key) + key_real = key + elsif arg.has_key?(key.to_sym) + key_real = key.to_sym + else + raise Puppet::Error, "The required key #{key} is missing" + end + + if not arg[key_real].kind_of?(String) + raise Puppet::Error, "The key #{key} is not a string value" + end + + if arg[key_real].length == 0 + raise Puppet::Error, "The key #{key} is empty" + end + end + + ['groups'].each do |key| + if arg.has_key?(key) + key_real = key + elsif arg.has_key?(key.to_sym) + key_real = key.to_sym + else + raise Puppet::Error, "The required key #{key} is missing" + end + + if not arg[key_real].kind_of?(Array) + raise Puppet::Error, "The key #{key} is not an array value" + end + end + end +end diff --git a/manifests/config.pp b/manifests/config.pp index 9741c99c..e8deb9d5 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -46,25 +46,17 @@ # The value is an hash of swift_internal_client_config resources. # class swift::config ( - $swift_config = {}, - $swift_container_sync_realms_config = {}, - $swift_proxy_config = {}, - $swift_account_config = {}, - $swift_container_config = {}, - $swift_object_config = {}, - $swift_internal_client_config = {}, + Hash $swift_config = {}, + Hash $swift_container_sync_realms_config = {}, + Hash $swift_proxy_config = {}, + Hash $swift_account_config = {}, + Hash $swift_container_config = {}, + Hash $swift_object_config = {}, + Hash $swift_internal_client_config = {}, ) { include swift::deps - validate_legacy(Hash, 'validate_hash', $swift_config) - validate_legacy(Hash, 'validate_hash', $swift_container_sync_realms_config) - validate_legacy(Hash, 'validate_hash', $swift_proxy_config) - validate_legacy(Hash, 'validate_hash', $swift_account_config) - validate_legacy(Hash, 'validate_hash', $swift_container_config) - validate_legacy(Hash, 'validate_hash', $swift_object_config) - validate_legacy(Hash, 'validate_hash', $swift_internal_client_config) - create_resources('swift_config', $swift_config) create_resources('swift_container_sync_realms_config', $swift_container_sync_realms_config) create_resources('swift_proxy_config', $swift_proxy_config) diff --git a/manifests/containerreconciler.pp b/manifests/containerreconciler.pp index 45e7906b..58ccc1ae 100644 --- a/manifests/containerreconciler.pp +++ b/manifests/containerreconciler.pp @@ -75,19 +75,19 @@ # Defaults to $facts['os_service_default'] # class swift::containerreconciler( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $pipeline = ['catch_errors', 'proxy-logging', 'proxy-server'], - $interval = $facts['os_service_default'], - $reclaim_age = $facts['os_service_default'], - $request_tries = $facts['os_service_default'], - $service_provider = $::swift::params::service_provider, - $memcache_servers = ['127.0.0.1:11211'], - $cache_tls_enabled = false, - $cache_tls_cafile = $facts['os_service_default'], - $cache_tls_certfile = $facts['os_service_default'], - $cache_tls_keyfile = $facts['os_service_default'], + Boolean $manage_service = true, + Boolean $enabled = true, + $package_ensure = 'present', + Swift::Pipeline $pipeline = ['catch_errors', 'proxy-logging', 'proxy-server'], + $interval = $facts['os_service_default'], + $reclaim_age = $facts['os_service_default'], + $request_tries = $facts['os_service_default'], + $service_provider = $::swift::params::service_provider, + $memcache_servers = ['127.0.0.1:11211'], + $cache_tls_enabled = false, + $cache_tls_cafile = $facts['os_service_default'], + $cache_tls_certfile = $facts['os_service_default'], + $cache_tls_keyfile = $facts['os_service_default'], ) inherits swift::params { include swift::deps diff --git a/manifests/internal_client.pp b/manifests/internal_client.pp index 059b2384..4e95cd75 100644 --- a/manifests/internal_client.pp +++ b/manifests/internal_client.pp @@ -47,7 +47,7 @@ # class swift::internal_client ( $user = $::swift::params::user, - $pipeline = ['catch_errors', 'proxy-logging', 'cache', 'proxy-server'], + Swift::Pipeline $pipeline = ['catch_errors', 'proxy-logging', 'cache', 'proxy-server'], $object_chunk_size = $facts['os_service_default'], $client_chunk_size = $facts['os_service_default'], $read_affinity = undef, @@ -60,9 +60,7 @@ class swift::internal_client ( include swift::deps - validate_legacy(Array, 'validate_array', $pipeline) - - if empty($pipeline) or $pipeline[-1] != 'proxy-server' { + if $pipeline[-1] != 'proxy-server' { fail('proxy-server must be the last element in pipeline') } diff --git a/manifests/proxy.pp b/manifests/proxy.pp index 4ef361e6..bc2c3587 100644 --- a/manifests/proxy.pp +++ b/manifests/proxy.pp @@ -157,46 +157,42 @@ # class swift::proxy( $proxy_local_net_ip, - $port = '8080', - $pipeline = [ + $port = '8080', + Swift::Pipeline $pipeline = [ 'catch_errors', 'gatekeeper', 'healthcheck', 'proxy-logging', 'cache', 'listing_formats', 'tempauth', 'copy', 'proxy-logging', 'proxy-server'], - $workers = $facts['os_workers'], - $allow_account_management = true, - $account_autocreate = true, - $log_headers = 'False', - $log_udp_host = undef, - $log_udp_port = undef, - $log_address = '/dev/log', - $log_level = 'INFO', - $log_facility = 'LOG_LOCAL2', - $log_handoffs = $facts['os_service_default'], - $log_name = 'proxy-server', - $cors_allow_origin = undef, - $strict_cors_mode = true, - $object_chunk_size = $facts['os_service_default'], - $client_chunk_size = $facts['os_service_default'], - $max_containers_per_account = $facts['os_service_default'], - $max_containers_whitelist = $facts['os_service_default'], - $read_affinity = undef, - $write_affinity = undef, - $write_affinity_node_count = $facts['os_service_default'], - $client_timeout = $facts['os_service_default'], - $node_timeout = $facts['os_service_default'], - $recoverable_node_timeout = $facts['os_service_default'], - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $service_provider = $::swift::params::service_provider, - $purge_config = false, + $workers = $facts['os_workers'], + Boolean $allow_account_management = true, + Boolean $account_autocreate = true, + $log_headers = 'False', + $log_udp_host = undef, + $log_udp_port = undef, + $log_address = '/dev/log', + $log_level = 'INFO', + $log_facility = 'LOG_LOCAL2', + $log_handoffs = $facts['os_service_default'], + $log_name = 'proxy-server', + $cors_allow_origin = undef, + $strict_cors_mode = true, + $object_chunk_size = $facts['os_service_default'], + $client_chunk_size = $facts['os_service_default'], + $max_containers_per_account = $facts['os_service_default'], + $max_containers_whitelist = $facts['os_service_default'], + $read_affinity = undef, + $write_affinity = undef, + $write_affinity_node_count = $facts['os_service_default'], + $client_timeout = $facts['os_service_default'], + $node_timeout = $facts['os_service_default'], + $recoverable_node_timeout = $facts['os_service_default'], + Boolean $manage_service = true, + Boolean $enabled = true, + $package_ensure = 'present', + $service_provider = $::swift::params::service_provider, + $purge_config = false, ) inherits swift::params { include swift::deps - validate_legacy(Boolean, 'validate_bool', $account_autocreate) - validate_legacy(Boolean, 'validate_bool', $allow_account_management) - validate_legacy(Array, 'validate_array', $pipeline) - if (!is_service_default($write_affinity_node_count) and !$write_affinity) { fail('Usage of write_affinity_node_count requires write_affinity to be set') } @@ -211,7 +207,7 @@ class swift::proxy( warning('no auth type provided in the pipeline') } - if empty($pipeline) or $pipeline[-1] != 'proxy-server' { + if $pipeline[-1] != 'proxy-server' { fail('proxy-server must be the last element in pipeline') } diff --git a/manifests/proxy/ratelimit.pp b/manifests/proxy/ratelimit.pp index e958cc65..4f695b37 100644 --- a/manifests/proxy/ratelimit.pp +++ b/manifests/proxy/ratelimit.pp @@ -48,20 +48,17 @@ # Copyright 2012 eNovance licensing@enovance.com # class swift::proxy::ratelimit( - $clock_accuracy = $facts['os_service_default'], - $max_sleep_time_seconds = $facts['os_service_default'], - $log_sleep_time_seconds = $facts['os_service_default'], - $rate_buffer_seconds = $facts['os_service_default'], - $account_ratelimit = $facts['os_service_default'], - $container_ratelimit = {}, - $container_listing_ratelimit = {}, + $clock_accuracy = $facts['os_service_default'], + $max_sleep_time_seconds = $facts['os_service_default'], + $log_sleep_time_seconds = $facts['os_service_default'], + $rate_buffer_seconds = $facts['os_service_default'], + $account_ratelimit = $facts['os_service_default'], + Hash $container_ratelimit = {}, + Hash $container_listing_ratelimit = {}, ) { include swift::deps - validate_legacy(Hash, 'validate_hash', $container_ratelimit) - validate_legacy(Hash, 'validate_hash', $container_listing_ratelimit) - swift_proxy_config { 'filter:ratelimit/use': value => 'egg:swift#ratelimit'; 'filter:ratelimit/clock_accuracy': value => $clock_accuracy; diff --git a/manifests/proxy/tempauth.pp b/manifests/proxy/tempauth.pp index c3b83d25..183b9cd3 100644 --- a/manifests/proxy/tempauth.pp +++ b/manifests/proxy/tempauth.pp @@ -66,7 +66,7 @@ # Guilherme Maluf Balzana # class swift::proxy::tempauth ( - $account_user_list = [ + Array[Hash] $account_user_list = [ { 'user' => 'admin', 'account' => 'admin', @@ -74,41 +74,21 @@ class swift::proxy::tempauth ( 'groups' => [ 'admin', 'reseller_admin' ], }, ], - $reseller_prefix = undef, - $auth_prefix = undef, - $token_life = undef, - $allow_overrides = undef, - $storage_url_scheme = undef, + Optional[String[1]] $reseller_prefix = undef, + Optional[Pattern[/\/(.*)+\//]] $auth_prefix = undef, + Optional[Integer[0]] $token_life = undef, + Optional[Boolean] $allow_overrides = undef, + Optional[Enum['http', 'https', 'default']] $storage_url_scheme = undef, ) { include swift::deps - validate_legacy(Array, 'validate_array', $account_user_list) - if ($reseller_prefix) { - validate_legacy(String, 'validate_string', $reseller_prefix) $reseller_prefix_upcase = upcase($reseller_prefix) } else { $reseller_prefix_upcase = $reseller_prefix } - if ($token_life) { - validate_legacy(Integer, 'validate_integer', $token_life) - } - - if ($auth_prefix) { - validate_legacy(Pattern[/\/(.*)+\//], 'validate_re', $auth_prefix, ['\/(.*)+\/']) - } - - if ($allow_overrides) { - validate_legacy(Boolean, 'validate_bool', $allow_overrides) - } - - if ($storage_url_scheme) { - validate_legacy(Enum['http', 'https', 'default'], 'validate_re', - $storage_url_scheme, [['http', 'https', 'default']]) - } - swift_proxy_config { 'filter:tempauth/use': value => 'egg:swift#tempauth'; 'filter:tempauth/reseller_prefix': value => $reseller_prefix_upcase; @@ -123,7 +103,7 @@ class swift::proxy::tempauth ( # account_data is an array with each element containing a single account string: # ex [user__, . .] $account_user_list.each |$account_user| { - validate_legacy(Array, 'validate_array', $account_user['groups']) + validate_tempauth_account($account_user) $account_base = "user_${account_user['account']}_${account_user['user']}, ${account_user['key']}" $groups = empty($account_user) ? { diff --git a/manifests/ringbuilder/create.pp b/manifests/ringbuilder/create.pp index b5660676..c78048fc 100644 --- a/manifests/ringbuilder/create.pp +++ b/manifests/ringbuilder/create.pp @@ -1,10 +1,13 @@ +# == Class: swift::ringbuilder::create +# # Creates a swift ring using ringbuilder. # It creates the associated ring file as /etc/swift/${name}.builder # It will not create a ring if the file already exists. # # == Parameters # -# [*name*] The type of ring to create. Accepts object|container|account +# [*ring_type*] +# Optional. The type of ring to create. Accepts object|container|account # [*part_power*] Number of partitions in the ring. (specified as the power of 2) # Optional. Defaults to 18 (2^18) # [*replicas*] Number of replicas to store. @@ -33,24 +36,20 @@ # Copyright 2011 Puppetlabs Inc, unless otherwise noted. # define swift::ringbuilder::create( - $part_power = 18, - $replicas = 3, - $min_part_hours = 24, - $user = 'root' + Swift::RingType $ring_type = $name, + $part_power = 18, + $replicas = 3, + $min_part_hours = 24, + $user = 'root' ) { include swift::deps - validate_legacy( - Pattern[/^(object(-(\d)+)?|container|account)$/], 'validate_re', $name, - ['^(object(-(\d)+)?|container|account)$'] - ) - - exec { "create_${name}": - command => "swift-ring-builder /etc/swift/${name}.builder create ${part_power} ${replicas} ${min_part_hours}", + exec { "create_${ring_type}": + command => "swift-ring-builder /etc/swift/${ring_type}.builder create ${part_power} ${replicas} ${min_part_hours}", path => ['/usr/bin'], user => $user, - creates => "/etc/swift/${name}.builder", + creates => "/etc/swift/${ring_type}.builder", before => Anchor['swift::config::end'], } diff --git a/manifests/ringbuilder/policy_ring.pp b/manifests/ringbuilder/policy_ring.pp index ee93cce4..1776872b 100644 --- a/manifests/ringbuilder/policy_ring.pp +++ b/manifests/ringbuilder/policy_ring.pp @@ -1,18 +1,26 @@ # Used to build an additional object ring for a storage policy. # The namevar/name of this class must be an integer. # -# # Specifies the following relationship: # Rings should be created before any devices are added to them # Rings should be rebalanced if anything changes -# == Parameters -# [*title*] required. Title must be a positive integer. Title of this class -# is used to denote the storage policy ID for the object ring. # -# [*part_power*] The total number of partitions that should exist in the ring. +# == Parameters +# [*policy_id*] +# (required) The id must be a positive integer. This is used to denote +# the storage policy ID for the object ring. +# Defaults to $name +# +# [*part_power*] +# (optional) The total number of partitions that should exist in the ring. # This is expressed as a power of 2. -# [*replicas*] Number of replicas that should be maintained of each stored object. -# [*min_part_hours*] Minimum amount of time before partitions can be moved. +# +# [*replicas*] +# (optional) Number of replicas that should be maintained of each stored +# object. +# +# [*min_part_hours*] +# (optional) Minimum amount of time before partitions can be moved. # # == Dependencies # @@ -30,20 +38,19 @@ # Copyright 2011 Puppetlabs Inc, unless otherwise noted. # define swift::ringbuilder::policy_ring( - $part_power = undef, - $replicas = undef, - $min_part_hours = undef, + Pattern[/^\d+$/] $policy_id = $name, + $part_power = undef, + $replicas = undef, + $min_part_hours = undef, ) { - validate_legacy(Pattern[/^\d+$/], 'validate_re', $title, ['^\d+$']) - include swift::deps - Class['swift'] -> Swift::Ringbuilder::Policy_ring[$title] + Class['swift'] -> Swift::Ringbuilder::Policy_ring[$policy_id] - if $title == '0' { + if $policy_id == '0' { $ring_builder = 'object' } else { - $ring_builder = "object-${title}" + $ring_builder = "object-${policy_id}" } swift::ringbuilder::create{ $ring_builder : diff --git a/manifests/ringbuilder/rebalance.pp b/manifests/ringbuilder/rebalance.pp index fb3336f7..e65a8fd4 100644 --- a/manifests/ringbuilder/rebalance.pp +++ b/manifests/ringbuilder/rebalance.pp @@ -1,30 +1,26 @@ -# Swift::Ring::Rebalance +# == Class: swift::ringbuilder::rebalance +# # Reblances the specified ring. Assumes that the ring already exists # and is stored at /etc/swift/${name}.builder # # == Parameters # -# [*name*] Type of ring to rebalance. The ring file is assumed to be at the path -# /etc/swift/${name}.builder +# [*ring_type*] +# Optional. Type of ring to rebalance. The ring file is assumed to be at +# the path /etc/swift/${ring_type}.builder +# +# [*seed*] +# Optional. Seed value used to seed pythons pseudo-random for ringbuilding. # -# [*seed*] Optional. Seed value used to seed pythons pseudo-random for ringbuilding. define swift::ringbuilder::rebalance( - $seed = undef + Swift::RingType $ring_type = $name, + Optional[Variant[Integer[0], Pattern[/^\d+$/]]] $seed = undef ) { include swift::deps - validate_legacy( - Pattern[/^(object(-(\d)+)?|container|account)$/], 'validate_re', $name, - ['^(object(-(\d)+)?|container|account)$'] - ) - - if $seed and !($seed =~ Integer) { - validate_legacy(Pattern[/^\d+$/], 'validate_re', $seed, ['^\d+$']) - } - - exec { "rebalance_${name}": - command => strip("swift-ring-builder /etc/swift/${name}.builder rebalance ${seed}"), + exec { "rebalance_${ring_type}": + command => strip("swift-ring-builder /etc/swift/${ring_type}.builder rebalance ${seed}"), path => ['/usr/bin'], refreshonly => true, before => Anchor['swift::config::end'], diff --git a/manifests/ringsync.pp b/manifests/ringsync.pp index b2eee243..c0f2a847 100644 --- a/manifests/ringsync.pp +++ b/manifests/ringsync.pp @@ -2,16 +2,19 @@ # # [*ring_server*] # (required) IP or hostname of ring servers +# [*ring_type*] +# (optional) The type of ring to create. Accepts object|container|account # define swift::ringsync( - $ring_server + String[1] $ring_server, + Swift::RingType $ring_type = $name, ) { include swift::deps Exec { path => '/usr/bin' } - rsync::get { "/etc/swift/${name}.ring.gz": - source => "rsync://${ring_server}/swift_server/${name}.ring.gz", + rsync::get { "/etc/swift/${ring_type}.ring.gz": + source => "rsync://${ring_server}/swift_server/${ring_type}.ring.gz", } } diff --git a/manifests/storage/drive_audit.pp b/manifests/storage/drive_audit.pp index e1be873a..f84267b0 100644 --- a/manifests/storage/drive_audit.pp +++ b/manifests/storage/drive_audit.pp @@ -89,7 +89,7 @@ # [*regex_pattern*] # (Optional) Regular expression patterns to be used to locate device blocks # with errors in the log file. -# Defaults to $facts['os_service_default']. +# Defaults to {} # # [*purge_config*] # (Optional) Whether to set only the specified config options in the drive @@ -98,36 +98,34 @@ # class swift::storage::drive_audit( # cron options - $user = $::swift::params::user, - $minute = 1, - $hour = 0, - $monthday = '*', - $month = '*', - $weekday = '*', - $maxdelay = 0, + $user = $::swift::params::user, + $minute = 1, + $hour = 0, + $monthday = '*', + $month = '*', + $weekday = '*', + $maxdelay = 0, # drive-audit.conf options - $log_facility = 'LOG_LOCAL2', - $log_level = 'INFO', - $log_address = '/dev/log', - $log_name = 'drive-audit', - $log_udp_host = undef, - $log_udp_port = undef, - $device_dir = '/srv/node', - $minutes = $facts['os_service_default'], - $error_limit = $facts['os_service_default'], - $recon_cache_path = $facts['os_service_default'], - $log_file_pattern = $facts['os_service_default'], - $log_file_encoding = $facts['os_service_default'], - $log_to_console = $facts['os_service_default'], - $unmount_failed_device = $facts['os_service_default'], - $regex_pattern = {}, - $purge_config = false, + $log_facility = 'LOG_LOCAL2', + $log_level = 'INFO', + $log_address = '/dev/log', + $log_name = 'drive-audit', + $log_udp_host = undef, + $log_udp_port = undef, + $device_dir = '/srv/node', + $minutes = $facts['os_service_default'], + $error_limit = $facts['os_service_default'], + $recon_cache_path = $facts['os_service_default'], + $log_file_pattern = $facts['os_service_default'], + $log_file_encoding = $facts['os_service_default'], + $log_to_console = $facts['os_service_default'], + $unmount_failed_device = $facts['os_service_default'], + Hash[String[1], String[1]] $regex_pattern = {}, + $purge_config = false, ) inherits swift::params { include swift::deps - validate_legacy(Hash, 'validate_hash', $regex_pattern) - resources { 'swift_drive_audit_config': purge => $purge_config, } diff --git a/manifests/storage/generic.pp b/manifests/storage/generic.pp index fe25c026..e7d331df 100644 --- a/manifests/storage/generic.pp +++ b/manifests/storage/generic.pp @@ -2,6 +2,9 @@ # needed to deploy each type of storage server. # # == Parameters +# [*type*] +# (optional) The type of device, e.g. account, object, or container. +# # [*enabled*] # (optional) Should the service be enabled to start # at boot. Defaults to true @@ -31,28 +34,26 @@ # Requires Class[swift::storage] # define swift::storage::generic( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $config_file_name = "${name}-server.conf", - $service_provider = $::swift::params::service_provider + Swift::StorageServerType $type = $name, + Boolean $manage_service = true, + Boolean $enabled = true, + $package_ensure = 'present', + $config_file_name = "${name}-server.conf", + $service_provider = $::swift::params::service_provider ) { include swift::deps include swift::params - Class['swift::storage'] -> Swift::Storage::Generic[$name] + Class['swift::storage'] -> Swift::Storage::Generic[$type] - validate_legacy(Enum['object', 'container', 'account'], 'validate_re', - $name, ['^object|container|account$']) - - package { "swift-${name}": + package { "swift-${type}": ensure => $package_ensure, - name => getvar("::swift::params::${name}_package_name"), + name => getvar("::swift::params::${type}_package_name"), tag => ['openstack', 'swift-package'], } - file { "/etc/swift/${name}-server/": + file { "/etc/swift/${type}-server/": ensure => directory, owner => $::swift::params::user, group => $::swift::params::group, @@ -67,24 +68,24 @@ define swift::storage::generic( $service_ensure = 'stopped' } - swift::service { "swift-${name}-server": - os_family_service_name => getvar("::swift::params::${name}_server_service_name"), + swift::service { "swift-${type}-server": + os_family_service_name => getvar("::swift::params::${type}_server_service_name"), service_ensure => $service_ensure, enabled => $enabled, config_file_name => $config_file_name, service_provider => $service_provider, } - swift::service { "swift-${name}-replicator": - os_family_service_name => getvar("::swift::params::${name}_replicator_service_name"), + swift::service { "swift-${type}-replicator": + os_family_service_name => getvar("::swift::params::${type}_replicator_service_name"), service_ensure => $service_ensure, enabled => $enabled, config_file_name => $config_file_name, service_provider => $service_provider, } - swift::service { "swift-${name}-auditor": - os_family_service_name => getvar("::swift::params::${name}_auditor_service_name"), + swift::service { "swift-${type}-auditor": + os_family_service_name => getvar("::swift::params::${type}_auditor_service_name"), service_ensure => $service_ensure, enabled => $enabled, config_file_name => $config_file_name, diff --git a/manifests/storage/mount.pp b/manifests/storage/mount.pp index 79a93652..ff564221 100644 --- a/manifests/storage/mount.pp +++ b/manifests/storage/mount.pp @@ -23,9 +23,9 @@ # define swift::storage::mount( $device, - $mnt_base_dir = '/srv/node', - $loopback = false, - $fstype = 'xfs' + Stdlib::Absolutepath $mnt_base_dir = '/srv/node', + Boolean $loopback = false, + String[1] $fstype = 'xfs' ) { include swift::deps diff --git a/manifests/storage/node.pp b/manifests/storage/node.pp index 6c614de0..0af710f5 100644 --- a/manifests/storage/node.pp +++ b/manifests/storage/node.pp @@ -43,7 +43,7 @@ # Defaults to undef define swift::storage::node( $mnt_base_dir, - $zone, + Variant[Integer, Pattern[/^\d+$/]] $zone, $weight = 1, $owner = undef, $group = undef, @@ -54,11 +54,6 @@ define swift::storage::node( include swift::deps - if ! $zone =~ Integer { - validate_legacy(Pattern[/^\d+$/], 'validate_re', $zone, - ['^\d+$', 'The zone parameter must be an integer']) - } - Swift::Storage::Server { storage_local_net_ip => $storage_local_net_ip, devices => $mnt_base_dir, diff --git a/manifests/storage/server.pp b/manifests/storage/server.pp index 054c9525..b31c3087 100644 --- a/manifests/storage/server.pp +++ b/manifests/storage/server.pp @@ -4,16 +4,17 @@ # # === Parameters: # -# [*title*] The port the server will be exposed to -# Mandatory. Usually 6000, 6001 and 6002 for respectively -# object, container and account. -# # [*type*] # (required) The type of device, e.g. account, object, or container. # # [*storage_local_net_ip*] # (required) This is the ip that the storage service will bind to when it starts. # +# [*bind_port*] +# (optional) The port the server will be exposed to Usually 6000, 6001 and +# 6002 for respectively object, container and account. +# Defaults to $name +# # [*devices*] # (optional) The directory where the physical storage device will be mounted. # Defaults to '/srv/node'. @@ -224,58 +225,59 @@ # Default to $facts['os_service_default']. # define swift::storage::server( - $type, + Swift::StorageServerType $type, $storage_local_net_ip, - $devices = '/srv/node', - $rsync_module_per_device = false, - $device_names = [], - $owner = undef, - $group = undef, - $max_connections = 25, - $hosts_allow = undef, - $hosts_deny = undef, - $incoming_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r', - $outgoing_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r', - $pipeline = ["${type}-server"], - $mount_check = true, - $disable_fallocate = $facts['os_service_default'], - $fallocate_reserve = $facts['os_service_default'], - $server_fallocate_reserve = $facts['os_service_default'], - $servers_per_port = $facts['os_service_default'], - $user = undef, - $workers = $facts['os_workers'], - $replicator_concurrency = 1, - $replicator_interval = $facts['os_service_default'], - $updater_concurrency = 1, - $reaper_concurrency = 1, - $log_facility = 'LOG_LOCAL2', - $log_level = 'INFO', - $log_address = '/dev/log', - $log_name = "${type}-server", - $log_udp_host = undef, - $log_udp_port = undef, - $log_requests = true, + Pattern[/^\d+$/] $bind_port = $name, + $devices = '/srv/node', + Boolean $rsync_module_per_device = false, + Array[String[1]] $device_names = [], + $owner = undef, + $group = undef, + $max_connections = 25, + $hosts_allow = undef, + $hosts_deny = undef, + $incoming_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r', + $outgoing_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r', + Swift::Pipeline $pipeline = ["${type}-server"], + $mount_check = true, + $disable_fallocate = $facts['os_service_default'], + $fallocate_reserve = $facts['os_service_default'], + $server_fallocate_reserve = $facts['os_service_default'], + $servers_per_port = $facts['os_service_default'], + $user = undef, + $workers = $facts['os_workers'], + $replicator_concurrency = 1, + $replicator_interval = $facts['os_service_default'], + $updater_concurrency = 1, + $reaper_concurrency = 1, + $log_facility = 'LOG_LOCAL2', + $log_level = 'INFO', + $log_address = '/dev/log', + $log_name = "${type}-server", + $log_udp_host = undef, + $log_udp_port = undef, + $log_requests = true, # this parameters needs to be specified after type and name - $config_file_path = "${type}-server.conf", - $statsd_enabled = false, - $log_statsd_host = 'localhost', - $log_statsd_port = $facts['os_service_default'], - $log_statsd_default_sample_rate = $facts['os_service_default'], - $log_statsd_sample_rate_factor = $facts['os_service_default'], - $log_statsd_metric_prefix = $facts['os_service_default'], - $network_chunk_size = $facts['os_service_default'], - $disk_chunk_size = $facts['os_service_default'], - $client_timeout = $facts['os_service_default'], - $auditor_disk_chunk_size = $facts['os_service_default'], - $rsync_timeout = $facts['os_service_default'], - $rsync_bwlimit = $facts['os_service_default'], - $splice = $facts['os_service_default'], - $object_server_mb_per_sync = $facts['os_service_default'], + $config_file_path = "${type}-server.conf", + Boolean $statsd_enabled = false, + $log_statsd_host = 'localhost', + $log_statsd_port = $facts['os_service_default'], + $log_statsd_default_sample_rate = $facts['os_service_default'], + $log_statsd_sample_rate_factor = $facts['os_service_default'], + $log_statsd_metric_prefix = $facts['os_service_default'], + $network_chunk_size = $facts['os_service_default'], + $disk_chunk_size = $facts['os_service_default'], + $client_timeout = $facts['os_service_default'], + $auditor_disk_chunk_size = $facts['os_service_default'], + $rsync_timeout = $facts['os_service_default'], + $rsync_bwlimit = $facts['os_service_default'], + Variant[Openstacklib::ServiceDefault, Boolean] $splice = $facts['os_service_default'], + $object_server_mb_per_sync = $facts['os_service_default'], # These parameters only apply to container-server.conf, # and define options for the container-sharder service. - $container_sharder_auto_shard = $facts['os_service_default'], - $container_sharder_concurrency = $facts['os_service_default'], - $container_sharder_interval = $facts['os_service_default'], + $container_sharder_auto_shard = $facts['os_service_default'], + $container_sharder_concurrency = $facts['os_service_default'], + $container_sharder_interval = $facts['os_service_default'], ){ include swift::deps @@ -283,31 +285,17 @@ define swift::storage::server( $user_real = pick($user, $::swift::params::user) - # Warn if ${type-server} isn't included in the pipeline - $pipeline_array = any2array($pipeline) - if empty($pipeline_array) or $pipeline_array[-1] != "${type}-server" { + # Fail if ${type-server} isn't included in the pipeline + if $pipeline[-1] != "${type}-server" { fail("${type}-server must be the last element in pipeline") } - if ($log_udp_port and !$log_udp_host) { fail ('log_udp_port requires log_udp_host to be set') } include "::swift::storage::${type}" - validate_legacy(Pattern[/^\d+$/], 'validate_re', $name, ['^\d+$']) - validate_legacy(Enum['object', 'container', 'account'], 'validate_re', - $type, ['^object|container|account$']) - validate_legacy(Array, 'validate_array', $pipeline) - validate_legacy(Array, 'validate_array', $device_names) - - if ! is_service_default($splice) { - validate_legacy(Boolean, 'validate_bool', $splice) - } - - $bind_port = $name - # rsync::server should be included before rsync::server::module include swift::storage if $rsync_module_per_device { @@ -348,7 +336,6 @@ define swift::storage::server( $config_file_full_path = "/etc/swift/${config_file_path}" - $required_middlewares = split( inline_template( "<%= diff --git a/manifests/storage/xfs.pp b/manifests/storage/xfs.pp index a7252909..6eeee224 100644 --- a/manifests/storage/xfs.pp +++ b/manifests/storage/xfs.pp @@ -42,12 +42,12 @@ # it already has an XFS FS, and mounts de FS in /srv/node/sdX # define swift::storage::xfs( - $device = '', - $byte_size = '1024', - $mnt_base_dir = '/srv/node', - $loopback = false, - $mount_type = 'path', - $manage_filesystem = true, + $device = '', + $byte_size = '1024', + Stdlib::Absolutepath $mnt_base_dir = '/srv/node', + Boolean $loopback = false, + $mount_type = 'path', + Boolean $manage_filesystem = true, ) { include swift::deps @@ -107,6 +107,4 @@ define swift::storage::xfs( mnt_base_dir => $mnt_base_dir, loopback => $loopback, } - - } diff --git a/spec/functions/validate_tempauth_account_spec.rb b/spec/functions/validate_tempauth_account_spec.rb new file mode 100644 index 00000000..2f59aec5 --- /dev/null +++ b/spec/functions/validate_tempauth_account_spec.rb @@ -0,0 +1,133 @@ +require 'spec_helper' + +describe 'validate_tempauth_account' do + it 'exists' do + is_expected.not_to eq(nil) + end + + it 'works with valid entries (string keys)' do + is_expected.to run.with_params({ + 'user' => 'swiftuser', + 'account' => 'swiftaccount', + 'key' => 'secret', + 'groups' => ['swiftgroup'], + }) + end + + it 'works with valid entries (sym keys)' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => 'swiftaccount', + :key => 'secret', + :groups => ['swiftgroup'], + }) + end + + it 'throws error with more than one argument' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => 'swiftaccount', + :key => 'secret', + :groups => ['swiftgroup'], + }, { + :user => 'swiftuser', + :account => 'swiftaccount', + :key => 'secret', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + + it 'fails with no arguments' do + is_expected.to run.with_params.and_raise_error(Puppet::Error) + end + + # missing keys + it 'fails when user is missing' do + is_expected.to run.with_params({ + :account => 'swiftaccount', + :key => 'secret', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when account is missing' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :key => 'secret', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when key is missing' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => 'swiftaccount', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when groups is missing' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => 'swiftaccount', + :key => 'secret', + }).and_raise_error(Puppet::Error) + end + + # wrong type + it 'fails when user is not a string' do + is_expected.to run.with_params({ + :user => ['swiftuser'], + :account => 'swiftaccount', + :key => 'secret', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when account is not a string' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => ['swiftaccount'], + :key => 'secret', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when key is not a string' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => 'swiftaccount', + :key => ['secret'], + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when group is not an array' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => 'swiftaccount', + :key => 'secret', + :groups => 'swiftgroup', + }).and_raise_error(Puppet::Error) + end + + # empty + it 'fails when user is empty' do + is_expected.to run.with_params({ + :user => '', + :account => 'swiftaccount', + :key => 'secret', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when account is empty' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => '', + :key => 'secret', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end + it 'fails when key is empty' do + is_expected.to run.with_params({ + :user => 'swiftuser', + :account => 'swiftaccount', + :key => '', + :groups => ['swiftgroup'], + }).and_raise_error(Puppet::Error) + end +end diff --git a/spec/type_aliases/ringtype_spec.rb b/spec/type_aliases/ringtype_spec.rb new file mode 100644 index 00000000..cea7786a --- /dev/null +++ b/spec/type_aliases/ringtype_spec.rb @@ -0,0 +1,29 @@ +require 'spec_helper' + +describe 'Swift::RingType' do + describe 'valid types' do + context 'with valid types' do + [ + 'account', + 'container', + 'object', + 'object-0', + 'object-10' + ].each do |value| + it { is_expected.to allow_value(value) } + end + end + end + + describe 'invalid types' do + context 'with invalid types' do + [ + 'foo', + 'object-', + 'object-a' + ].each do |value| + it { is_expected.not_to allow_value(value) } + end + end + end +end diff --git a/spec/type_aliases/storageservertype_spec.rb b/spec/type_aliases/storageservertype_spec.rb new file mode 100644 index 00000000..7ffd2828 --- /dev/null +++ b/spec/type_aliases/storageservertype_spec.rb @@ -0,0 +1,27 @@ +require 'spec_helper' + +describe 'Swift::StorageServerType' do + describe 'valid types' do + context 'with valid types' do + [ + 'account', + 'container', + 'object', + ].each do |value| + it { is_expected.to allow_value(value) } + end + end + end + + describe 'invalid types' do + context 'with invalid types' do + [ + 'foo', + 'object-', + 'object-0' + ].each do |value| + it { is_expected.not_to allow_value(value) } + end + end + end +end diff --git a/types/pipeline.pp b/types/pipeline.pp new file mode 100644 index 00000000..70c08069 --- /dev/null +++ b/types/pipeline.pp @@ -0,0 +1 @@ +type Swift::Pipeline = Array[String[1], 1] diff --git a/types/ringtype.pp b/types/ringtype.pp new file mode 100644 index 00000000..6a8099b2 --- /dev/null +++ b/types/ringtype.pp @@ -0,0 +1,8 @@ +type Swift::RingType = Variant[ + Enum[ + 'account', + 'container', + 'object' + ], + Pattern[/^object-\d+$/] +] diff --git a/types/storageservertype.pp b/types/storageservertype.pp new file mode 100644 index 00000000..16f745c3 --- /dev/null +++ b/types/storageservertype.pp @@ -0,0 +1,5 @@ +type Swift::StorageServerType = Enum[ + 'account', + 'container', + 'object' +]