puppet-tripleo/spec/defines/tripleo_haproxy_endpoint_spec.rb
Michele Baldessari ce4576375d Allow custom per-service listen_options for haproxy
There are situations where it would be advantageous to let
an operator specify custom per-service options.
One such use case seen in the wild is to extend the timeout of the cinder
because due to the specific storage backend these cinder operations
sometimes take a bit longer. Letting the user tweak the
haproxy_default_timeout is likely not what we want as for the case
above we only want to tweak a single service.

We explored another approach to fix this by adding a bunch of
<service>_options class parameters in the tripleo::haproxy class but it
made it extremely bloated and confusing, so we opted for this approach
which is much less invasive both code-wise and complexity-wise

Tested by deploying with:
ExtraConfig:
  tripleo::haproxy::cinder::options:
    "timeout client": '90m'
    'timeout server': '90m'

And observing the following cinder haproxy stanza:
listen cinder
  bind 10.0.0.4:8776 transparent
  bind 172.16.2.9:8776 transparent
  mode http
  http-request set-header X-Forwarded-Proto https if { ssl_fc }
  http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
  option httpchk
  option httplog
  timeout client 90m
  timeout server 90m
  server overcloud-controller-0.internalapi.localdomain 172.16.2.7:8776 check fall 5 inter 2000 rise 2
  server overcloud-controller-1.internalapi.localdomain 172.16.2.16:8776 check fall 5 inter 2000 rise 2
  server overcloud-controller-2.internalapi.localdomain 172.16.2.13:8776 check fall 5 inter 2000 rise 2

Closes-Bug: #1755711

Change-Id: Icb7f026190b310d34c47dc059e2fdb22031b0963
2018-03-14 15:12:38 +01:00

94 lines
2.7 KiB
Ruby

require 'spec_helper'
describe 'tripleo::haproxy::endpoint' do
let(:title) { 'neutron' }
let :pre_condition do
'include ::haproxy'
end
let :params do {
:public_virtual_ip => '192.168.0.1',
:internal_ip => '10.0.0.1',
:service_port => 9696,
:ip_addresses => ['10.0.0.2', '10.0.0.3', '10.0.0.4'],
:server_names => ['controller1', 'controller2', 'controller3'],
:public_ssl_port => 19696,
:member_options => [ 'check', 'inter 2000', 'rise 2', 'fall 5' ],
:haproxy_listen_bind_param => ['transparent'],
}
end
shared_examples_for 'tripleo haproxy endpoint' do
context 'with basic parameters to configure neutron binding' do
it 'should configure haproxy' do
is_expected.to contain_haproxy__listen('neutron').with(
:collect_exported => false,
:bind => [
['10.0.0.1:9696', ['transparent']],
['192.168.0.1:9696', ['transparent']]
],
:options => {'option' => [],
'timeout client' => '90m',
'timeout server' => '90m',
},
)
end
end
context 'with dual-stack' do
before :each do
params.merge!({
:public_virtual_ip => ['fd00:fd00:fd00:2000::14', '192.168.0.1'],
})
end
it 'should configure haproxy' do
is_expected.to contain_haproxy__listen('neutron').with(
:collect_exported => false,
:bind => [
['10.0.0.1:9696', ['transparent']],
['fd00:fd00:fd00:2000::14:9696', ['transparent']],
['192.168.0.1:9696', ['transparent']]
]
)
end
end
context 'with userlist' do
before :each do
params.merge!({
:authorized_userlist => 'starwars',
})
end
let :pre_condition do
'include ::haproxy
::tripleo::haproxy::userlist {"starwars": users => ["leia password sister"]}
'
end
it 'should configure an ACL' do
is_expected.to compile.with_all_deps
is_expected.to contain_haproxy__listen('neutron').with(
:options => {
'option' => [],
'timeout client' => '90m',
'timeout server' => '90m',
'acl' => 'acl Authneutron http_auth(starwars)',
'http-request' => 'auth realm neutron if !Authneutron',
}
)
end
end
end
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) do
facts.merge({})
end
it_behaves_like 'tripleo haproxy endpoint'
end
end
end