Puppet Class: swift::proxy

Defined in:
modules/swift/manifests/proxy.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • proxy_service_host (Any)
  • shard_container_list (Any)
  • accounts (Hash[String, Hash])
  • credentials (Hash[String, String])
  • memcached_servers (Any) (defaults to: ['localhost'])
  • memcached_port (Any) (defaults to: 11211)
  • statsd_host (Any) (defaults to: undef)
  • statsd_port (Any) (defaults to: 8125)
  • statsd_metric_prefix (Any) (defaults to: undef)
  • statsd_sample_rate_factor (Any) (defaults to: '1')
  • bind_port (Any) (defaults to: '80')
  • num_workers (Any) (defaults to: $::processorcount)
  • rewrite_account (Any) (defaults to: undef)
  • dispersion_account (Any) (defaults to: undef)
  • thumborhost (Any) (defaults to: '')
  • inactivedc_thumborhost (Any) (defaults to: '')
  • enable_wmf_filters (Any) (defaults to: true)
  • read_affinity (Any) (defaults to: undef)


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# File 'modules/swift/manifests/proxy.pp', line 2

class swift::proxy (
    $proxy_service_host,
    $shard_container_list,
    Hash[String, Hash] $accounts,
    Hash[String, String] $credentials,
    $memcached_servers         = ['localhost'],
    $memcached_port            = 11211,
    $statsd_host               = undef,
    $statsd_port               = 8125,
    $statsd_metric_prefix      = undef,
    $statsd_sample_rate_factor = '1',
    $bind_port                 = '80',
    $num_workers               = $::processorcount,
    $rewrite_account           = undef,
    $dispersion_account        = undef,
    $thumborhost               = '',
    $inactivedc_thumborhost    = '',
    $enable_wmf_filters        = true,
    $read_affinity             = undef,
) {
    package {[
        'swift-proxy',
    ]:
        ensure => present,
    }

    # eventlet + getaddrinfo is busted in Bullseye, thus use addresses
    # https://phabricator.wikimedia.org/T283714
    $memcached_addresses = $memcached_servers.map |$server| {
        $addr = ipresolve($server, 4); "${addr}:${memcached_port}"
    }

    $base_middlewares = $enable_wmf_filters ? {
        true  => ['ensure_max_age', 'rewrite', 'healthcheck', 'cache', 'container_sync', 'tempurl',
                  'ratelimit', 'tempauth', 'cors', 'proxy-logging', 'proxy-server'],
        false => ['healthcheck', 'cache', 'container_sync', 'bulk', 'tempurl', 'ratelimit', 's3api',
                  'tempauth', 'slo', 'proxy-logging', 'proxy-server'],
    }

    $middlewares = debian::codename::ge('bullseye') ? {
        # proxy-logging is repeated in the pipeline on purpose
        # https://bugs.launchpad.net/swift/+bug/1939888
        true  => ['proxy-logging', 'listing_formats'] + $base_middlewares,
        false => $base_middlewares,
    }

    file { '/etc/swift/proxy-server.conf':
        owner     => 'swift',
        group     => 'swift',
        mode      => '0440',
        content   => template('swift/proxy-server.conf.erb'),
        require   => Package['swift-proxy'],
        show_diff => false,
    }

    if $dispersion_account != undef {
        file { '/etc/swift/dispersion.conf':
            owner     => 'swift',
            group     => 'swift',
            mode      => '0440',
            content   => template('swift/dispersion.conf.erb'),
            require   => Package['swift'],
            show_diff => false,
        }
    }

    logrotate::conf { 'swift-proxy':
        ensure => absent,
    }

    rsyslog::conf { 'swift-proxy':
        ensure   => absent,
    }

    # stock Debian package uses start-stop-daemon --chuid and init.d script to
    # start swift-proxy, our proxy binds to port 80 so it isn't going to work.
    # Use a modified version of 'swift-proxy' systemd unit
    systemd::service { 'swift-proxy':
        content => systemd_template('swift-proxy'),
    }

    if debian::codename::lt('bullseye') {
        $python_version = '2.7'
        $monotonic_package = 'python-monotonic'
    } else {
        $python_version = '3.9'
        $monotonic_package = 'python3-monotonic'
    }

    ensure_packages($monotonic_package)

    file { "/usr/local/lib/python${python_version}/dist-packages/wmf/":
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        source  => "puppet:///modules/swift/python${python_version}/SwiftMedia/wmf/",
        recurse => 'remote',
    }
}