From f148801e39b3a73b812a15fbbd2583e5d200282d Mon Sep 17 00:00:00 2001 From: Fernando Royo Date: Wed, 23 Oct 2024 17:53:29 +0200 Subject: [PATCH] Add configurable httpd timeout This patch adds an apiTimeout field to the OctaviaSpecCore to the already OctaviaSpec one to allow configure the timeouts for HAProxy and Apache. Also fixing *core* API spec version of the new GetDefaultRouteAnnotations function. Jira: https://issues.redhat.com/browse/OSPRH-6713 --- .../octavia.openstack.org_octaviaapis.yaml | 4 +++ api/bases/octavia.openstack.org_octavias.yaml | 4 +++ api/v1beta1/octavia_webhook.go | 31 +++++++++++++++++-- api/v1beta1/octaviaapi_types.go | 4 +++ .../octavia.openstack.org_octaviaapis.yaml | 4 +++ .../bases/octavia.openstack.org_octavias.yaml | 4 +++ controllers/octaviaapi_controller.go | 2 ++ templates/octaviaapi/config/httpd.conf | 2 ++ 8 files changed, 52 insertions(+), 3 deletions(-) diff --git a/api/bases/octavia.openstack.org_octaviaapis.yaml b/api/bases/octavia.openstack.org_octaviaapis.yaml index a7fad9ca..13584f8c 100644 --- a/api/bases/octavia.openstack.org_octaviaapis.yaml +++ b/api/bases/octavia.openstack.org_octaviaapis.yaml @@ -48,6 +48,10 @@ spec: spec: description: OctaviaAPISpec defines the desired state of OctaviaAPI properties: + apiTimeout: + description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore + APITimeout (seconds) + type: string containerImage: description: Octavia Container Image URL type: string diff --git a/api/bases/octavia.openstack.org_octavias.yaml b/api/bases/octavia.openstack.org_octavias.yaml index 359d8fdc..115d7fbf 100644 --- a/api/bases/octavia.openstack.org_octavias.yaml +++ b/api/bases/octavia.openstack.org_octavias.yaml @@ -150,6 +150,10 @@ spec: description: OctaviaAPI - Spec definition for the API service of the Octavia deployment properties: + apiTimeout: + description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore + APITimeout (seconds) + type: string containerImage: description: Octavia Container Image URL type: string diff --git a/api/v1beta1/octavia_webhook.go b/api/v1beta1/octavia_webhook.go index fa43cd7f..cc7c04aa 100644 --- a/api/v1beta1/octavia_webhook.go +++ b/api/v1beta1/octavia_webhook.go @@ -198,9 +198,34 @@ func (r *Octavia) ValidateDelete() (admission.Warnings, error) { return nil, nil } -func (spec *OctaviaSpec) GetDefaultRouteAnnotations() (annotations map[string]string) { - annotations = map[string]string{ +func (spec *OctaviaAPISpecCore) GetDefaultRouteAnnotations() (annotations map[string]string) { + return map[string]string{ "haproxy.router.openshift.io/timeout": octaviaDefaults.OctaviaAPIRouteTimeout, } - return +} + +// SetDefaultRouteAnnotations sets HAProxy timeout values of the route +func (octaviaAPI *OctaviaAPISpecCore) SetDefaultRouteAnnotations(annotations map[string]string) { + const haProxyAnno = "haproxy.router.openshift.io/timeout" + // Use a custom annotation to flag when the operator has set the default HAProxy timeout + // With the annotation func determines when to overwrite existing HAProxy timeout with the APITimeout + const octaviaAnno = "api.octavia.openstack.org/timeout" + + valOctavia, okOctavia := annotations[octaviaAnno] + valHAProxy, okHAProxy := annotations[haProxyAnno] + + // Human operator set the HAProxy timeout manually + if !okOctavia && okHAProxy { + return + } + + // Human operator modified the HAProxy timeout manually without removing the Octavia flag + if okOctavia && okHAProxy && valOctavia != valHAProxy { + delete(annotations, octaviaAnno) + return + } + + timeout := octaviaAPI.APITimeout + "s" + annotations[octaviaAnno] = timeout + annotations[haProxyAnno] = timeout } diff --git a/api/v1beta1/octaviaapi_types.go b/api/v1beta1/octaviaapi_types.go index 2323590e..88d74cf7 100644 --- a/api/v1beta1/octaviaapi_types.go +++ b/api/v1beta1/octaviaapi_types.go @@ -141,6 +141,10 @@ type OctaviaAPISpecCore struct { // +operator-sdk:csv:customresourcedefinitions:type=spec // TLS - Parameters related to the TLS TLS OctaviaApiTLS `json:"tls,omitempty"` + + // +kubebuilder:validation:Optional + // APITimeout for HAProxy and Apache defaults to OctaviaSpecCore APITimeout (seconds) + APITimeout string `json:"apiTimeout,omitempty"` } type OctaviaApiTLS struct { diff --git a/config/crd/bases/octavia.openstack.org_octaviaapis.yaml b/config/crd/bases/octavia.openstack.org_octaviaapis.yaml index a7fad9ca..13584f8c 100644 --- a/config/crd/bases/octavia.openstack.org_octaviaapis.yaml +++ b/config/crd/bases/octavia.openstack.org_octaviaapis.yaml @@ -48,6 +48,10 @@ spec: spec: description: OctaviaAPISpec defines the desired state of OctaviaAPI properties: + apiTimeout: + description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore + APITimeout (seconds) + type: string containerImage: description: Octavia Container Image URL type: string diff --git a/config/crd/bases/octavia.openstack.org_octavias.yaml b/config/crd/bases/octavia.openstack.org_octavias.yaml index 359d8fdc..115d7fbf 100644 --- a/config/crd/bases/octavia.openstack.org_octavias.yaml +++ b/config/crd/bases/octavia.openstack.org_octavias.yaml @@ -150,6 +150,10 @@ spec: description: OctaviaAPI - Spec definition for the API service of the Octavia deployment properties: + apiTimeout: + description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore + APITimeout (seconds) + type: string containerImage: description: Octavia Container Image URL type: string diff --git a/controllers/octaviaapi_controller.go b/controllers/octaviaapi_controller.go index 782c4d93..d76fe1b6 100644 --- a/controllers/octaviaapi_controller.go +++ b/controllers/octaviaapi_controller.go @@ -978,6 +978,8 @@ func (r *OctaviaAPIReconciler) generateServiceSecrets( } templateParameters["OVNDB_TLS"] = instance.Spec.TLS.Ovn.Enabled() + templateParameters["TimeOut"] = instance.Spec.APITimeout + // create httpd vhost template parameters httpdVhostConfig := map[string]interface{}{} for _, endpt := range []service.Endpoint{service.EndpointInternal, service.EndpointPublic} { diff --git a/templates/octaviaapi/config/httpd.conf b/templates/octaviaapi/config/httpd.conf index d971bc17..fbf161e5 100644 --- a/templates/octaviaapi/config/httpd.conf +++ b/templates/octaviaapi/config/httpd.conf @@ -36,6 +36,8 @@ ErrorLog /dev/stdout CustomLog /dev/stdout combined env=!forwarded CustomLog /dev/stdout proxy env=forwarded + TimeOut {{ $.TimeOut }} + {{- if $vhost.TLS }} SetEnvIf X-Forwarded-Proto https HTTPS=1