Puppet Class: ec2api::api
- Inherits:
- ec2api::params
- Defined in:
- manifests/api.pp
Overview
Class: ec2api::api
EC2 API class to configure the API service via puppet.
Parameters
All options are optional unless specified otherwise. All options defaults to $::os_service_default and the default values from the service are used.
API
- keystone_ec2_tokens_url
-
URL to authenticate token from ec2 request. Default: $::os_service_default
- ec2_timestamp_expiry
-
Time in seconds before ec2 timestamp expires. Default: $::os_service_default
Service
- ec2api_listen
-
The IP address on which the EC2 API will listen. Default: $::os_service_default
- ec2api_listen_port
-
The port on which the EC2 API will listen. Default: $::os_service_default
- ec2api_use_ssl
-
Enable ssl connections or not for EC2 API. Default: $::os_service_default
- ec2api_workers
-
Number of workers for EC2 API service. The default will be equal to the number of CPUs available. Default: $::os_workers
- service_down_time
-
Maximum time since last check-in for up service. Default: $::os_service_default
WSGI
- api_paste_config
-
File name for the paste.deploy config for ec2api. Default: $::os_service_default
- ssl_cert_file
-
SSL certificate of API server. Default: $::os_service_default
- ssl_key_file
-
SSL private key of API server. Default: $::os_service_default
- tcp_keepidle
-
Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X. Default: $::os_service_default
- wsgi_default_pool_size
-
Size of the pool of greenthreads used by wsgi. Default: $::os_service_default
- max_header_line
-
Maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs). Default: $::os_service_default
API clients
- ssl_insecure
-
Verify HTTPS connections. Default: $::os_service_default
- ssl_ca_file
-
VCA certificate file to use to verify connecting clients. Default: $::os_service_default
- nova_service_type
-
Service type of Compute API, registered in Keystone catalog. Should be v2.1 with microversion support. If it is obsolete v2, a lot of useful EC2 compliant instance properties will be unavailable. Default: $::os_service_default
- cinder_service_type
-
Service type of Volume API, registered in Keystone catalog. Default: $::os_service_default
- admin_user
-
Admin user to access specific cloud resourses. Default: $::os_service_default
- admin_password
-
Admin password. Default: $::os_service_default
- admin_tenant_name
-
Admin tenant name. Default: $::os_service_default
Auth
- api_rate_limit
-
Whether to use per-user rate limiting for the API. Default: $::os_service_default
- use_forwarded_for
-
Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. Default: $::os_service_default
ec2utils
- external_network
-
Name of the external network, which is used to connect VPCs to Internet and to allocate Elastic IPs. Default: $::os_service_default
Availability zone
- internal_service_availability_zone
-
The availability_zone to show internal services under. Default: $::os_service_default
- my_ip
-
IP address of this host. Default: $::os_service_default
- ec2_host
-
The IP address of the EC2 API server. Default: $::os_service_default
- ec2_port
-
The port of the EC2 API server. Default: $::os_service_default
- ec2_scheme
-
The protocol to use when connecting to the EC2 API server (http, https). Default: $::os_service_default
- ec2_path
-
The path prefix used to call the ec2 API server. Default: $::os_service_default
- region_list
-
List of region=fqdn pairs separated by commas. Default: $::os_service_default
DHCP options
- network_device_mtu
-
MTU size to set by DHCP for instances. Corresponds with the network_device_mtu in ec2api.conf. Default: $::os_service_default
Common
- full_vpc_support
-
True if server supports Neutron for full VPC access. Default: $::os_service_default
Instance
- ec2_private_dns_show_ip
-
Return the IP address as private dns hostname in describe instances Default: $::os_service_default
- default_flavor
-
A flavor to use as a default instance type Default: $::os_service_default
Exception
- fatal_exception_format_errors
-
Make exception message format errors fatal. Default: $::os_service_default
Paths
- tempdir
-
Explicitly specify the temporary working directory. Default: $::os_service_default
- pybasedir
-
Directory where the ec2api python module is installed. Default: $::os_service_default
- bindir
-
Directory where ec2api binaries are installed. Default: $::os_service_default
- state_path
-
Top-level directory for maintaining ec2api’s state. Default: $::os_service_default
Manage service
- manage_service
-
Should the API service actually be managed by Puppet? Default: true
- service_name
-
The real system name of the API service. Default: $::ec2api::params::api_service_name
- enabled
-
Should the service be enabled and started (true) of disabled and stopped (false). Default: true
DEPRECATED PARAMETERS
- use_tpool
-
Enable the experimental use of thread pooling for all DB API calls Default: $::os_service_default
223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 |
# File 'manifests/api.pp', line 223
class ec2api::api (
# API
$keystone_ec2_tokens_url = $::os_service_default,
$ec2_timestamp_expiry = $::os_service_default,
# Service
$ec2api_listen = $::os_service_default,
$ec2api_listen_port = $::os_service_default,
$ec2api_use_ssl = $::os_service_default,
$ec2api_workers = $::os_workers,
$service_down_time = $::os_service_default,
# WSGI
$api_paste_config = $::os_service_default,
$ssl_cert_file = $::os_service_default,
$ssl_key_file = $::os_service_default,
$tcp_keepidle = $::os_service_default,
$wsgi_default_pool_size = $::os_service_default,
$max_header_line = $::os_service_default,
# API clients
$ssl_insecure = $::os_service_default,
$ssl_ca_file = $::os_service_default,
$nova_service_type = $::os_service_default,
$cinder_service_type = $::os_service_default,
$admin_user = $::os_service_default,
$admin_password = $::os_service_default,
$admin_tenant_name = $::os_service_default,
# auth
$api_rate_limit = $::os_service_default,
$use_forwarded_for = $::os_service_default,
# ec2utils
$external_network = $::os_service_default,
# Availability zone
$internal_service_availability_zone = $::os_service_default,
$my_ip = $::os_service_default,
$ec2_host = $::os_service_default,
$ec2_port = $::os_service_default,
$ec2_scheme = $::os_service_default,
$ec2_path = $::os_service_default,
$region_list = $::os_service_default,
# DHCP options
$network_device_mtu = $::os_service_default,
# Common
$full_vpc_support = $::os_service_default,
# Instance
$ec2_private_dns_show_ip = $::os_service_default,
$default_flavor = $::os_service_default,
# Exception
$fatal_exception_format_errors = $::os_service_default,
# Paths
$tempdir = $::os_service_default,
$pybasedir = $::os_service_default,
$bindir = $::os_service_default,
$state_path = $::os_service_default,
# Manage service
$manage_service = true,
$service_name = $::ec2api::params::api_service_name,
$enabled = true,
# DEPRECATED PARAMETERS
$use_tpool = undef,
) inherits ec2api::params {
include ec2api::deps
validate_legacy(Boolean, 'validate_bool', $manage_service)
validate_legacy(String, 'validate_string', $service_name)
validate_legacy(Boolean, 'validate_bool', $enabled)
ec2api_config {
'DEFAULT/keystone_ec2_tokens_url': value => $keystone_ec2_tokens_url;
'DEFAULT/ec2_timestamp_expiry': value => $ec2_timestamp_expiry;
'DEFAULT/ec2api_listen': value => $ec2api_listen;
'DEFAULT/ec2api_listen_port': value => $ec2api_listen_port;
'DEFAULT/ec2api_use_ssl': value => $ec2api_use_ssl;
'DEFAULT/ec2api_workers': value => $ec2api_workers;
'DEFAULT/service_down_time': value => $service_down_time;
'DEFAULT/api_paste_config': value => $api_paste_config;
'DEFAULT/ssl_cert_file': value => $ssl_cert_file;
'DEFAULT/ssl_key_file': value => $ssl_key_file;
'DEFAULT/tcp_keepidle': value => $tcp_keepidle;
'DEFAULT/wsgi_default_pool_size': value => $wsgi_default_pool_size;
'DEFAULT/max_header_line': value => $max_header_line;
'DEFAULT/ssl_insecure': value => $ssl_insecure;
'DEFAULT/ssl_ca_file': value => $ssl_ca_file;
'DEFAULT/nova_service_type': value => $nova_service_type;
'DEFAULT/cinder_service_type': value => $cinder_service_type;
'DEFAULT/admin_user': value => $admin_user;
'DEFAULT/admin_password': value => $admin_password, secret => true;
'DEFAULT/admin_tenant_name': value => $admin_tenant_name;
'DEFAULT/api_rate_limit': value => $api_rate_limit;
'DEFAULT/use_forwarded_for': value => $use_forwarded_for;
'DEFAULT/external_network': value => $external_network;
'DEFAULT/internal_service_availability_zone': value => $internal_service_availability_zone;
'DEFAULT/my_ip': value => $my_ip;
'DEFAULT/ec2_host': value => $ec2_host;
'DEFAULT/ec2_port': value => $ec2_port;
'DEFAULT/ec2_scheme': value => $ec2_scheme;
'DEFAULT/ec2_path': value => $ec2_path;
'DEFAULT/region_list': value => $region_list;
'DEFAULT/network_device_mtu': value => $network_device_mtu;
'DEFAULT/full_vpc_support': value => $full_vpc_support;
'DEFAULT/ec2_private_dns_show_ip': value => $ec2_private_dns_show_ip;
'DEFAULT/default_flavor': value => $default_flavor;
'DEFAULT/fatal_exception_format_errors': value => $fatal_exception_format_errors;
'DEFAULT/tempdir': value => $tempdir;
'DEFAULT/pybasedir': value => $pybasedir;
'DEFAULT/bindir': value => $bindir;
'DEFAULT/state_path': value => $state_path;
}
if $use_tpool != undef {
warning('The use_tpool parameter is deprecated and will be removed in a future release.')
}
ec2api_config {
'DEFAULT/use_tpool': value => pick($use_tpool, $::os_service_default);
}
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
service { 'openstack-ec2-api-service' :
ensure => $service_ensure,
name => $service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'ec2api-service',
}
}
}
|