Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add configurable httpd timeout #403

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions api/bases/octavia.openstack.org_octaviaapis.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,10 @@ spec:
spec:
description: OctaviaAPISpec defines the desired state of OctaviaAPI
properties:
apiTimeout:
description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore
APITimeout (seconds)
type: integer
containerImage:
description: Octavia Container Image URL
type: string
Expand Down
8 changes: 7 additions & 1 deletion api/bases/octavia.openstack.org_octavias.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -75,8 +75,9 @@ spec:
description: Apache Container Image URL
type: string
apiTimeout:
default: 120
description: Octavia API timeout
type: string
type: integer
customServiceConfig:
default: '# add your customization here'
description: CustomServiceConfig - customize the service config using
Expand Down Expand Up @@ -152,6 +153,10 @@ spec:
description: OctaviaAPI - Spec definition for the API service of the
Octavia deployment
properties:
apiTimeout:
description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore
APITimeout (seconds)
type: integer
containerImage:
description: Octavia Container Image URL
type: string
Expand Down Expand Up @@ -1383,6 +1388,7 @@ spec:
type: string
required:
- apacheContainerImage
- apiTimeout
- databaseInstance
- octaviaAPI
- octaviaNetworkAttachment
Expand Down
9 changes: 5 additions & 4 deletions api/v1beta1/octavia_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ const (
ApacheContainerImage = "registry.redhat.io/ubi9/httpd-24:latest"

// Octavia API timeout
APITimeout = "120"
APITimeout = 120
)

// OctaviaSpec defines the desired state of Octavia
Expand Down Expand Up @@ -204,9 +204,10 @@ type OctaviaSpecBase struct {
// Apache Container Image URL
ApacheContainerImage string `json:"apacheContainerImage"`

// +kubebuilder:validation:Optional
// +kubebuilder:validation:Required
// +kubebuilder:default=120
// Octavia API timeout
APITimeout string `json:"apiTimeout,omitempty"`
APITimeout int `json:"apiTimeout"`

// +kubebuilder:validation:Required
// +kubebuilder:default=octavia
Expand Down Expand Up @@ -368,7 +369,7 @@ func SetupDefaults() {
HealthManagerContainerImageURL: util.GetEnvVar("RELATED_IMAGE_OCTAVIA_HEALTHMANAGER_IMAGE_URL_DEFAULT", OctaviaHealthManagerContainerImage),
WorkerContainerImageURL: util.GetEnvVar("RELATED_IMAGE_OCTAVIA_WORKER_IMAGE_URL_DEFAULT", OctaviaWorkerContainerImage),
ApacheContainerImageURL: util.GetEnvVar("RELATED_IMAGE_OCTAVIA_APACHE_IMAGE_URL_DEFAULT", ApacheContainerImage),
OctaviaAPIRouteTimeout: util.GetEnvVar("OCTAVIA_API_TIMEOUT", APITimeout),
OctaviaAPIRouteTimeout: APITimeout,
// No default for AmphoraImageContainerImageURL
}

Expand Down
35 changes: 30 additions & 5 deletions api/v1beta1/octavia_webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ type OctaviaDefaults struct {
HealthManagerContainerImageURL string
WorkerContainerImageURL string
ApacheContainerImageURL string
OctaviaAPIRouteTimeout string
OctaviaAPIRouteTimeout int
}

var octaviaDefaults OctaviaDefaults
Expand Down Expand Up @@ -198,9 +198,34 @@ func (r *Octavia) ValidateDelete() (admission.Warnings, error) {
return nil, nil
}

func (spec *OctaviaSpec) GetDefaultRouteAnnotations() (annotations map[string]string) {
annotations = map[string]string{
"haproxy.router.openshift.io/timeout": octaviaDefaults.OctaviaAPIRouteTimeout,
func (spec *OctaviaSpecCore) GetDefaultRouteAnnotations() (annotations map[string]string) {
return map[string]string{
"haproxy.router.openshift.io/timeout": fmt.Sprintf("%ds", octaviaDefaults.OctaviaAPIRouteTimeout),
}
return
}

// SetDefaultRouteAnnotations sets HAProxy timeout values of the route
func (spec *OctaviaSpecCore) SetDefaultRouteAnnotations(annotations map[string]string) {
const haProxyAnno = "haproxy.router.openshift.io/timeout"
// Use a custom annotation to flag when the operator has set the default HAProxy timeout
// With the annotation func determines when to overwrite existing HAProxy timeout with the APITimeout
const octaviaAnno = "api.octavia.openstack.org/timeout"

valOctavia, okOctavia := annotations[octaviaAnno]
valHAProxy, okHAProxy := annotations[haProxyAnno]

// Human operator set the HAProxy timeout manually
if !okOctavia && okHAProxy {
return
}

// Human operator modified the HAProxy timeout manually without removing the Octavia flag
if okOctavia && okHAProxy && valOctavia != valHAProxy {
delete(annotations, octaviaAnno)
return
}

timeout := fmt.Sprintf("%ds", spec.APITimeout)
annotations[octaviaAnno] = timeout
annotations[haProxyAnno] = timeout
}
4 changes: 4 additions & 0 deletions api/v1beta1/octaviaapi_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,10 @@ type OctaviaAPISpecCore struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec
// TLS - Parameters related to the TLS
TLS OctaviaApiTLS `json:"tls,omitempty"`

// +kubebuilder:validation:Optional
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. here it's defined as Optional

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for reopening this, but you left this Optional. Was that intentional?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, to keep option to be passed by spec otherwise we trust on the octavia_api one and it will be passed by the controller

// APITimeout for HAProxy and Apache defaults to OctaviaSpecCore APITimeout (seconds)
APITimeout int `json:"apiTimeout"`
}

type OctaviaApiTLS struct {
Expand Down
4 changes: 4 additions & 0 deletions config/crd/bases/octavia.openstack.org_octaviaapis.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,10 @@ spec:
spec:
description: OctaviaAPISpec defines the desired state of OctaviaAPI
properties:
apiTimeout:
description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore
APITimeout (seconds)
type: integer
containerImage:
description: Octavia Container Image URL
type: string
Expand Down
8 changes: 7 additions & 1 deletion config/crd/bases/octavia.openstack.org_octavias.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -75,8 +75,9 @@ spec:
description: Apache Container Image URL
type: string
apiTimeout:
default: 120
description: Octavia API timeout
type: string
type: integer
customServiceConfig:
default: '# add your customization here'
description: CustomServiceConfig - customize the service config using
Expand Down Expand Up @@ -152,6 +153,10 @@ spec:
description: OctaviaAPI - Spec definition for the API service of the
Octavia deployment
properties:
apiTimeout:
description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore
APITimeout (seconds)
type: integer
containerImage:
description: Octavia Container Image URL
type: string
Expand Down Expand Up @@ -1383,6 +1388,7 @@ spec:
type: string
required:
- apacheContainerImage
- apiTimeout
- databaseInstance
- octaviaAPI
- octaviaNetworkAttachment
Expand Down
2 changes: 0 additions & 2 deletions config/default/manager_default_images.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,3 @@ spec:
value: quay.io/podified-antelope-centos9/openstack-octavia-worker:current-podified
- name: RELATED_IMAGE_OCTAVIA_APACHE_IMAGE_URL_DEFAULT
value: registry.redhat.io/ubi9/httpd-24:latest
- name: OCTAVIA_API_TIMEOUT
value: "120"
2 changes: 2 additions & 0 deletions controllers/octavia_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -1481,6 +1481,8 @@ func (r *OctaviaReconciler) apiDeploymentCreateOrUpdate(instance *octaviav1.Octa
deployment.Spec.Secret = instance.Spec.Secret
deployment.Spec.ServiceAccount = instance.RbacResourceName()
deployment.Spec.TLS = instance.Spec.OctaviaAPI.TLS
deployment.Spec.APITimeout = instance.Spec.APITimeout

if len(deployment.Spec.NodeSelector) == 0 {
deployment.Spec.NodeSelector = instance.Spec.NodeSelector
}
Expand Down
2 changes: 2 additions & 0 deletions controllers/octaviaapi_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -978,6 +978,8 @@ func (r *OctaviaAPIReconciler) generateServiceSecrets(
}
templateParameters["OVNDB_TLS"] = instance.Spec.TLS.Ovn.Enabled()

templateParameters["TimeOut"] = instance.Spec.APITimeout

// create httpd vhost template parameters
httpdVhostConfig := map[string]interface{}{}
for _, endpt := range []service.Endpoint{service.EndpointInternal, service.EndpointPublic} {
Expand Down
2 changes: 2 additions & 0 deletions templates/octaviaapi/config/httpd.conf
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,8 @@ ErrorLog /dev/stdout
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded

TimeOut {{ $.TimeOut }}
fernandoroyosanchez marked this conversation as resolved.
Show resolved Hide resolved

{{- if $vhost.TLS }}
SetEnvIf X-Forwarded-Proto https HTTPS=1

Expand Down