ce4576375d
There are situations where it would be advantageous to let an operator specify custom per-service options. One such use case seen in the wild is to extend the timeout of the cinder because due to the specific storage backend these cinder operations sometimes take a bit longer. Letting the user tweak the haproxy_default_timeout is likely not what we want as for the case above we only want to tweak a single service. We explored another approach to fix this by adding a bunch of <service>_options class parameters in the tripleo::haproxy class but it made it extremely bloated and confusing, so we opted for this approach which is much less invasive both code-wise and complexity-wise Tested by deploying with: ExtraConfig: tripleo::haproxy::cinder::options: "timeout client": '90m' 'timeout server': '90m' And observing the following cinder haproxy stanza: listen cinder bind 10.0.0.4:8776 transparent bind 172.16.2.9:8776 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } option httpchk option httplog timeout client 90m timeout server 90m server overcloud-controller-0.internalapi.localdomain 172.16.2.7:8776 check fall 5 inter 2000 rise 2 server overcloud-controller-1.internalapi.localdomain 172.16.2.16:8776 check fall 5 inter 2000 rise 2 server overcloud-controller-2.internalapi.localdomain 172.16.2.13:8776 check fall 5 inter 2000 rise 2 Closes-Bug: #1755711 Change-Id: Icb7f026190b310d34c47dc059e2fdb22031b0963
94 lines
2.7 KiB
Ruby
94 lines
2.7 KiB
Ruby
require 'spec_helper'
|
|
|
|
describe 'tripleo::haproxy::endpoint' do
|
|
|
|
let(:title) { 'neutron' }
|
|
|
|
let :pre_condition do
|
|
'include ::haproxy'
|
|
end
|
|
|
|
let :params do {
|
|
:public_virtual_ip => '192.168.0.1',
|
|
:internal_ip => '10.0.0.1',
|
|
:service_port => 9696,
|
|
:ip_addresses => ['10.0.0.2', '10.0.0.3', '10.0.0.4'],
|
|
:server_names => ['controller1', 'controller2', 'controller3'],
|
|
:public_ssl_port => 19696,
|
|
:member_options => [ 'check', 'inter 2000', 'rise 2', 'fall 5' ],
|
|
:haproxy_listen_bind_param => ['transparent'],
|
|
}
|
|
end
|
|
|
|
shared_examples_for 'tripleo haproxy endpoint' do
|
|
context 'with basic parameters to configure neutron binding' do
|
|
it 'should configure haproxy' do
|
|
is_expected.to contain_haproxy__listen('neutron').with(
|
|
:collect_exported => false,
|
|
:bind => [
|
|
['10.0.0.1:9696', ['transparent']],
|
|
['192.168.0.1:9696', ['transparent']]
|
|
],
|
|
:options => {'option' => [],
|
|
'timeout client' => '90m',
|
|
'timeout server' => '90m',
|
|
},
|
|
)
|
|
end
|
|
end
|
|
|
|
context 'with dual-stack' do
|
|
before :each do
|
|
params.merge!({
|
|
:public_virtual_ip => ['fd00:fd00:fd00:2000::14', '192.168.0.1'],
|
|
})
|
|
end
|
|
it 'should configure haproxy' do
|
|
is_expected.to contain_haproxy__listen('neutron').with(
|
|
:collect_exported => false,
|
|
:bind => [
|
|
['10.0.0.1:9696', ['transparent']],
|
|
['fd00:fd00:fd00:2000::14:9696', ['transparent']],
|
|
['192.168.0.1:9696', ['transparent']]
|
|
]
|
|
)
|
|
end
|
|
end
|
|
|
|
context 'with userlist' do
|
|
before :each do
|
|
params.merge!({
|
|
:authorized_userlist => 'starwars',
|
|
})
|
|
end
|
|
let :pre_condition do
|
|
'include ::haproxy
|
|
::tripleo::haproxy::userlist {"starwars": users => ["leia password sister"]}
|
|
'
|
|
end
|
|
it 'should configure an ACL' do
|
|
is_expected.to compile.with_all_deps
|
|
is_expected.to contain_haproxy__listen('neutron').with(
|
|
:options => {
|
|
'option' => [],
|
|
'timeout client' => '90m',
|
|
'timeout server' => '90m',
|
|
'acl' => 'acl Authneutron http_auth(starwars)',
|
|
'http-request' => 'auth realm neutron if !Authneutron',
|
|
}
|
|
)
|
|
end
|
|
end
|
|
end
|
|
|
|
on_supported_os.each do |os, facts|
|
|
context "on #{os}" do
|
|
let(:facts) do
|
|
facts.merge({})
|
|
end
|
|
|
|
it_behaves_like 'tripleo haproxy endpoint'
|
|
end
|
|
end
|
|
end
|