openstack
/
puppet-tripleo
Code Issues Proposed changes

Allow disabling puppet tasks to configure apache/vhost 

The new parameter allows to toggle the apache configuration management.
This will be useful once we get [1] so that we can migrate services to
the new configuration management one by one.

[1] https://review.opendev.org/c/openstack/tripleo-ansible/+/853481

Change-Id: Id1ddbae4946e5c428d0f21ef89e20a11665a370e
This commit is contained in:
Cédric Jeanneret 2022-08-24 11:37:09 +02:00
parent fa9c791fb7
commit 0592be3ad6
17 changed files with 210 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
manifests/profile/base/aodh/api.pp
View File

@ -52,6 +52,10 @@
# (Optional) Whether aodh expirer should be configured
# Defaults to lookup('enable_aodh_expirer', undef, undef, true)
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::aodh::api (
$aodh_network = lookup('aodh_api_network', undef, undef, undef),
$bootstrap_node = lookup('aodh_api_bootstrap_node_name', undef, undef, undef),
@ -59,6 +63,7 @@ class tripleo::profile::base::aodh::api (
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$step = Integer(lookup('step')),
$enable_aodh_expirer = true,
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$is_bootstrap = true
@ -83,10 +88,12 @@ class tripleo::profile::base::aodh::api (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include aodh::api
include aodh::healthcheck
include tripleo::profile::base::apache
class { 'aodh::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'aodh::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}

17
manifests/profile/base/barbican/api.pp
View File

@ -95,7 +95,11 @@
# [*oslomsg_notify_use_ssl*]
# Enable ssl oslo messaging services
# Defaults to lookup('oslo_messaging_notify_use_ssl', undef, undef, '0')
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::barbican::api (
$barbican_network = lookup('barbican_api_network', undef, undef, undef),
$bootstrap_node = lookup('barbican_api_bootstrap_node_name', undef, undef, undef),
@ -114,6 +118,7 @@ class tripleo::profile::base::barbican::api (
$oslomsg_notify_port = lookup('oslo_messaging_notify_port', undef, undef, '5672'),
$oslomsg_notify_username = lookup('oslo_messaging_notify_user_name', undef, undef, 'guest'),
$oslomsg_notify_use_ssl = lookup('oslo_messaging_notify_use_ssl', undef, undef, '0'),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$sync_db = true
@ -165,10 +170,12 @@ class tripleo::profile::base::barbican::api (
include barbican::healthcheck
include barbican::keystone::notification
include barbican::quota
include tripleo::profile::base::apache
class { 'barbican::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'barbican::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}
}

15
manifests/profile/base/cinder/api.pp
View File

@ -48,12 +48,17 @@
# for more details.
# Defaults to Integer(lookup('step'))
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::cinder::api (
$bootstrap_node = lookup('cinder_api_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
$cinder_api_network = lookup('cinder_api_network', undef, undef, undef),
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$step = Integer(lookup('step')),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
@ -81,10 +86,12 @@ class tripleo::profile::base::cinder::api (
sync_db => $sync_db,
}
include cinder::healthcheck
include tripleo::profile::base::apache
class { 'cinder::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'cinder::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}
}

17
manifests/profile/base/designate/api.pp
View File

@ -56,13 +56,18 @@
# listen port gets default value from designate::wsgi::apache)
# Defaults to undef
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::designate::api (
$step = Integer(lookup('step')),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$designate_network = lookup('designate_api_network', undef, undef, undef),
$listen_ip = undef,
$listen_port = undef
$listen_port = undef,
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
include tripleo::profile::base::designate
include tripleo::profile::base::designate::authtoken
@ -86,10 +91,12 @@ class tripleo::profile::base::designate::api (
listen => "${listen_uri}:${listen_port}"
}
} else {
include tripleo::profile::base::apache
class { 'designate::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile
if $configure_apache {
include tripleo::profile::base::apache
class { 'designate::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile
}
}
include designate::api
}

23
manifests/profile/base/glance/api.pp
View File

@ -131,6 +131,10 @@
# (optional) Whether to enable caching
# defaults to false
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
# DEPRECATED PARAMETERS
#
# [*glance_rbd_client_name*]
@ -163,6 +167,7 @@ class tripleo::profile::base::glance::api (
$tls_proxy_port = 9292,
$glance_enable_db_purge = true,
$glance_enable_cache = false,
$configure_apache = lookup('configure_apache', undef, undef, true),
# DEPRECATED PARAMETERS
$glance_rbd_client_name = undef,
) {
@ -188,15 +193,17 @@ class tripleo::profile::base::glance::api (
$tls_certfile = $certificates_specs["httpd-${glance_network}"]['service_certificate']
$tls_keyfile = $certificates_specs["httpd-${glance_network}"]['service_key']
tripleo::tls_proxy { 'glance-api':
servername => $tls_proxy_fqdn,
ip => $tls_proxy_bind_ip,
port => $tls_proxy_port,
tls_cert => $tls_certfile,
tls_key => $tls_keyfile,
notify => Class['glance::api'],
if $configure_apache {
tripleo::tls_proxy { 'glance-api':
servername => $tls_proxy_fqdn,
ip => $tls_proxy_bind_ip,
port => $tls_proxy_port,
tls_cert => $tls_certfile,
tls_key => $tls_keyfile,
notify => Class['glance::api'],
}
include tripleo::profile::base::apache
}
include tripleo::profile::base::apache
}
$multistore_backends = $multistore_config.map |$backend_config| {

15
manifests/profile/base/gnocchi/api.pp
View File

@ -64,6 +64,10 @@
# (Optional) Storage driver to use for incoming metric data
# Defaults to lookup('incoming_storage_driver', undef, undef, undef)
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::gnocchi::api (
$bootstrap_node = lookup('gnocchi_api_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
@ -74,6 +78,7 @@ class tripleo::profile::base::gnocchi::api (
$redis_vip = lookup('redis_vip'),
$step = Integer(lookup('step')),
$incoming_storage_driver = lookup('incoming_storage_driver', undef, undef, undef),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$sync_db = true
@ -113,10 +118,12 @@ class tripleo::profile::base::gnocchi::api (
}
include gnocchi::api
include tripleo::profile::base::apache
class { 'gnocchi::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'gnocchi::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
if $incoming_storage_driver == 'redis' {

15
manifests/profile/base/heat/api.pp
View File

@ -48,12 +48,17 @@
# for more details.
# Defaults to Integer(lookup('step'))
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::heat::api (
$bootstrap_node = lookup('heat_api_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$heat_api_network = lookup('heat_api_network', undef, undef, undef),
$step = Integer(lookup('step')),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$is_bootstrap = true
@ -77,10 +82,12 @@ class tripleo::profile::base::heat::api (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include heat::api
include heat::healthcheck
include tripleo::profile::base::apache
class { 'heat::wsgi::apache_api':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'heat::wsgi::apache_api':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}
}

15
manifests/profile/base/heat/api_cfn.pp
View File

@ -48,12 +48,17 @@
# for more details.
# Defaults to Integer(lookup('step'))
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::heat::api_cfn (
$bootstrap_node = lookup('heat_api_cfn_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$heat_api_cfn_network = lookup('heat_api_cfn_network', undef, undef, undef),
$step = Integer(lookup('step')),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$is_bootstrap = true
@ -77,10 +82,12 @@ class tripleo::profile::base::heat::api_cfn (
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include heat::api_cfn
include heat::healthcheck
include tripleo::profile::base::apache
class { 'heat::wsgi::apache_api_cfn':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'heat::wsgi::apache_api_cfn':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}
}

15
manifests/profile/base/ironic/api.pp
View File

@ -47,12 +47,17 @@
# (Optional) The current step of the deployment
# Defaults to Integer(lookup('step'))
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::ironic::api (
$bootstrap_node = lookup('ironic_api_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
$ironic_api_network = lookup('ironic_api_network', undef, undef, undef),
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$step = Integer(lookup('step')),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
include tripleo::profile::base::ironic
include tripleo::profile::base::ironic::authtoken
@ -78,10 +83,12 @@ class tripleo::profile::base::ironic::api (
include ironic::api
include ironic::cors
include ironic::healthcheck
include tripleo::profile::base::apache
class { 'ironic::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'ironic::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}

15
manifests/profile/base/keystone.pp
View File

@ -150,6 +150,10 @@
# (Optional) oslo.cache backend used for caching.
# Defaults to lookup('keystone::cache::backend', undef, undef, false)
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
# DEPRECATED PARAMETERS
#
# [*memcached_ips*]
@ -187,6 +191,7 @@ class tripleo::profile::base::keystone (
$memcached_port = lookup('memcached_port', undef, undef, 11211),
$memcached_ipv6 = lookup('memcached_ipv6', undef, undef, false),
$cache_backend = lookup('keystone::cache::backend', undef, undef, false),
$configure_apache = lookup('configure_apache', undef, undef, true),
# DEPRECATED PARAMETERS
$memcached_ips = undef
) {
@ -266,10 +271,12 @@ class tripleo::profile::base::keystone (
include keystone::config
include keystone::db
include keystone::logging
include tripleo::profile::base::apache
class { 'keystone::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'keystone::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
include keystone::cors
include keystone::security_compliance

17
manifests/profile/base/manila/api.pp
View File

@ -92,6 +92,10 @@
# (Optional) Whether to enable db purging
# Defaults to true
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::manila::api (
$enabled_share_protocols = lookup('manila_enabled_share_protocols', undef, undef, undef),
$backend_generic_enabled = lookup('manila_backend_generic_enabled', undef, undef, false),
@ -109,6 +113,7 @@ class tripleo::profile::base::manila::api (
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$step = Integer(lookup('step')),
$manila_enable_db_purge = true,
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$sync_db = true
@ -131,7 +136,9 @@ class tripleo::profile::base::manila::api (
}
if $step >= 4 or ($step >= 3 and $sync_db) {
include tripleo::profile::base::apache
if $configure_apache {
include tripleo::profile::base::apache
}
unless empty($enabled_share_protocols) {
$enabled_share_protocols_real = join(any2array($enabled_share_protocols), ',')
@ -160,9 +167,11 @@ class tripleo::profile::base::manila::api (
enabled_share_protocols => $enabled_share_protocols_real
}
include manila::healthcheck
class { 'manila::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
class { 'manila::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}

35
manifests/profile/base/neutron/server.pp
View File

@ -86,6 +86,10 @@
# (Optional) Indicate whether Designate is available in the deployment.
# Defaults to lookup('designate_api_enabled', undef, undef, false)
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::neutron::server (
$bootstrap_node = lookup('neutron_api_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
@ -99,6 +103,7 @@ class tripleo::profile::base::neutron::server (
$tls_proxy_fqdn = undef,
$tls_proxy_port = 9696,
$designate_api_enabled = lookup('designate_api_enabled', undef, undef, false),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$sync_db = true
@ -131,20 +136,22 @@ class tripleo::profile::base::neutron::server (
}
if $step >= 4 or ($step >= 3 and $sync_db) {
include tripleo::profile::base::apache
if $enable_internal_tls {
::tripleo::tls_proxy { 'neutron-api':
servername => $tls_proxy_fqdn,
ip => $tls_proxy_bind_ip,
port => $tls_proxy_port,
tls_cert => $tls_certfile,
tls_key => $tls_keyfile,
}
Tripleo::Tls_proxy['neutron-api'] ~> Anchor<| title == 'neutron::service::begin' |>
} else {
class { 'neutron::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
if $enable_internal_tls {
::tripleo::tls_proxy { 'neutron-api':
servername => $tls_proxy_fqdn,
ip => $tls_proxy_bind_ip,
port => $tls_proxy_port,
tls_cert => $tls_certfile,
tls_key => $tls_keyfile,
}
Tripleo::Tls_proxy['neutron-api'] ~> Anchor<| title == 'neutron::service::begin' |>
} else {
class { 'neutron::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}
if $designate_api_enabled {

15
manifests/profile/base/nova/api.pp
View File

@ -54,6 +54,10 @@
# (Optional) Wheter to enable db purging
# Defaults to lookup('nova_enable_db_purge', undef, undef, true)
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
class tripleo::profile::base::nova::api (
$bootstrap_node = lookup('nova_api_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
@ -62,6 +66,7 @@ class tripleo::profile::base::nova::api (
$step = Integer(lookup('step')),
$nova_enable_db_archive = lookup('nova_enable_db_archive', undef, undef, true),
$nova_enable_db_purge = lookup('nova_enable_db_purge', undef, undef, true),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$sync_db = true
@ -98,10 +103,12 @@ class tripleo::profile::base::nova::api (
}
if $step >= 4 or ($step >= 3 and $sync_db) {
include tripleo::profile::base::apache
class { 'nova::wsgi::apache_api':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'nova::wsgi::apache_api':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}

15
manifests/profile/base/nova/metadata.pp
View File

@ -46,12 +46,17 @@
# for more details.
# Defaults to Integer(lookup('step'))
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
class tripleo::profile::base::nova::metadata (
$bootstrap_node = lookup('nova_metadata_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$nova_metadata_network = lookup('nova_metadata_network', undef, undef, undef),
$step = Integer(lookup('step')),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$is_bootstrap = true
@ -78,10 +83,12 @@ class tripleo::profile::base::nova::metadata (
include nova::network::neutron
include nova::metadata
include nova::vendordata
include tripleo::profile::base::apache
class { 'nova::wsgi::apache_metadata':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
class { 'nova::wsgi::apache_metadata':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}
}

15
manifests/profile/base/octavia/api.pp
View File

@ -63,6 +63,10 @@
# Defaults to undef
# Not used any more.
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::octavia::api (
$bootstrap_node = lookup('octavia_api_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
@ -72,6 +76,7 @@ class tripleo::profile::base::octavia::api (
$ovn_db_host = undef,
$ovn_nb_port = undef,
$neutron_driver = undef,
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$sync_db = true
@ -107,10 +112,12 @@ Use tripleo::profile::base::octavia::provider::ovn.')
sync_db => $sync_db,
}
include octavia::healthcheck
include tripleo::profile::base::apache
class { 'octavia::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile
if $configure_apache {
include tripleo::profile::base::apache
class { 'octavia::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile
}
}
}
}

17
manifests/profile/base/placement/api.pp
View File

@ -46,12 +46,17 @@
# for more details.
# Defaults to Integer(lookup('step'))
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::placement::api (
$bootstrap_node = lookup('placement_short_bootstrap_node_name', undef, undef, undef),
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
$placement_network = lookup('placement_network', undef, undef, undef),
$step = Integer(lookup('step')),
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$is_bootstrap = true
@ -74,11 +79,13 @@ class tripleo::profile::base::placement::api (
}
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
include tripleo::profile::base::apache
include placement::api
class { 'placement::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
if $configure_apache {
include tripleo::profile::base::apache
include placement::api
class { 'placement::wsgi::apache':
ssl_cert => $tls_certfile,
ssl_key => $tls_keyfile,
}
}
}
}

23
manifests/profile/base/swift/proxy.pp
View File

@ -103,6 +103,10 @@
# Whether the pycadf audit middleware is is enabled.
# Defaults to false
#
# [*configure_apache*]
# (Optional) Whether apache is configured via puppet or not.
# Defaults to lookup('configure_apache', undef, undef, true)
#
class tripleo::profile::base::swift::proxy (
$bootstrap_node = lookup('swift_proxy_short_bootstrap_node_name', undef, undef, undef),
$ceilometer_enabled = true,
@ -122,6 +126,7 @@ class tripleo::profile::base::swift::proxy (
$tls_proxy_fqdn = undef,
$tls_proxy_port = 8080,
$audit_enabled = false,
$configure_apache = lookup('configure_apache', undef, undef, true),
) {
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
$is_bootstrap = true
@ -136,15 +141,17 @@ class tripleo::profile::base::swift::proxy (
$tls_certfile = $certificates_specs["httpd-${swift_proxy_network}"]['service_certificate']
$tls_keyfile = $certificates_specs["httpd-${swift_proxy_network}"]['service_key']
::tripleo::tls_proxy { 'swift-proxy-api':
servername => $tls_proxy_fqdn,
ip => $tls_proxy_bind_ip,
port => $tls_proxy_port,
tls_cert => $tls_certfile,
tls_key => $tls_keyfile,
if $configure_apache {
::tripleo::tls_proxy { 'swift-proxy-api':
servername => $tls_proxy_fqdn,
ip => $tls_proxy_bind_ip,
port => $tls_proxy_port,
tls_cert => $tls_certfile,
tls_key => $tls_keyfile,
}
Tripleo::Tls_proxy['swift-proxy-api'] ~> Anchor<| title == 'swift::service::begin' |>
include tripleo::profile::base::apache
}
Tripleo::Tls_proxy['swift-proxy-api'] ~> Anchor<| title == 'swift::service::begin' |>
include tripleo::profile::base::apache
}
}
include tripleo::profile::base::swift