Add parameters to upstream and upstreammembers

Add parameters to nginx::resource::upstream and nginx::resource::upstream::member which allows more configuration on upstreams as before. The only thing that we broke is that the members of an upstream must now be passed as a hash rather than an array. This also makes the sorting of keepalive to the end no longer necessary because there is now a parameter for it. And values for a nginx::resource::upstream::member can now be set as default for all members of an upstream or individually for each member inside the members hash. Of course, the explicit specification overrides the defaults. In general the changes have made more parameters available to nginx::resource::upstream and nginx::resource::upstream::member. In addition, one of the two templates for nginx::resource::upstream::member was disposed since it is no longer needed. Fixes GH-1222
voxpupuli · Jul 16, 2018 · cf49d4c · cf49d4c
1 parent 9cbde2b
commit cf49d4c
Show file tree

Hide file tree

Showing 18 changed files with 719 additions and 198 deletions.
diff --git a/README.md b/README.md
@@ -53,11 +53,17 @@ nginx::resource::server { 'www.puppetlabs.com':
 
 ```puppet
 nginx::resource::upstream { 'puppet_rack_app':
-  members => [
-    'localhost:3000',
-    'localhost:3001',
-    'localhost:3002',
-  ],
+  members => {
+    'localhost:3000':
+      server => 'localhost'
+      port   => 3000
+    'localhost:3001':
+      server => 'localhost'
+      port   => 3001
+    'localhost:3002':
+      server => 'localhost'
+      port   => 3002
+  },
 }
 
 nginx::resource::server { 'rack.puppetlabs.com':
@@ -137,9 +143,15 @@ nginx::nginx_upstreams:
   'puppet_rack_app':
     ensure: present
     members:
-      - localhost:3000
-      - localhost:3001
-      - localhost:3002
+      'localhost:3000':
+        server: 'localhost'
+        port: 3000
+      'localhost:3001':
+        server: 'localhost'
+        port: 3001
+      'localhost:3002':
+        server: 'localhost'
+        port: 3002
 nginx::nginx_servers:
   'www.puppetlabs.com':
     www_root: '/var/www/www.puppetlabs.com'
@@ -185,9 +197,15 @@ nginx::nginx_upstreams:
   'syslog':
     upstream_context: 'stream'
     members:
-      - '10.0.0.1:514'
-      - '10.0.0.2:514'
-      - '10.0.0.3:514'
+      '10.0.0.1:514'
+        server: '10.0.0.1'
+        port: '514'
+      '10.0.0.2:514'
+        server: '10.0.0.2'
+        port: '514'
+      '10.0.0.3:514'
+        server: '10.0.0.3'
+        port: '514'
 ```
 
 ## Nginx with precompiled Passenger

diff --git a/manifests/resource/upstream.pp b/manifests/resource/upstream.pp
@@ -3,13 +3,26 @@
 # This definition creates a new upstream proxy entry for NGINX
 #
 # Parameters:
-#   [*members*]               - Array of member URIs for NGINX to connect to. Must follow valid NGINX syntax.
-#                               If omitted, individual members should be defined with nginx::resource::upstream::member
 #   [*ensure*]                - Enables or disables the specified location (present|absent)
-#   [*upstream_cfg_append*]   - Hash of custom directives to put after other directives in upstream
-#   [*upstream_cfg_prepend*]  - It expects a hash with custom directives to put before anything else inside upstream
-#   [*upstream_fail_timeout*] - Set the fail_timeout for the upstream. Default is 10 seconds - As that is what Nginx does normally.
-#   [*upstream_max_fails*]    - Set the max_fails for the upstream. Default is to use nginx default value which is 1.
+#   [*context*]               - Set the type of this upstream (http|stream).
+#   [*members*]               - Hash of member URIs for NGINX to connect to. Must follow valid NGINX syntax.
+#                               If omitted, individual members should be defined with nginx::resource::upstream::member
+#   [*members_tag*]           - Restrict collecting the exported members for this upstream with a tag.
+#   [*member_defaults*]       - Specify default settings added to each member of this upstream.
+#   [*hash*]                  - Activate the hash load balancing method (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#hash).
+#   [*ip_hash*]               - Activate ip_hash for this upstream (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ip_hash).
+#   [*keepalive*]             - Set the maximum number of idle keepalive connections (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive).
+#   [*least_conn*]            - Activate the least_conn load balancing method (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#least_conn).
+#   [*least_time*]            - Activate the least_time load balancing method (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#least_time).
+#   [*ntlm*]                  - Allow NTLM authentication (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm).
+#   [*queue_max*]             - Set the maximum number of queued requests (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#queue).
+#   [*queue_timeout*]         - Set the timeout for the queue (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#queue).
+#   [*random*]                - Activate the random load balancing method (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#random).
+#   [*statefile*]             - Specifies a file that keeps the state of the dynamically configurable group (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#state).
+#   [*sticky*]                - Enables session affinity (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#sticky).
+#   [*zone*]                  - Defines the name and optional the size of the shared memory zone (https://nginx.org/en/docs/http/ngx_http_upstream_module.html#zone).
+#   [*cfg_append*]            - Hash of custom directives to put after other directives in upstream
+#   [*cfg_prepend*]           - It expects a hash with custom directives to put before anything else inside upstream
 #
 # Actions:
 #
@@ -18,82 +31,116 @@
 # Sample Usage:
 #  nginx::resource::upstream { 'proxypass':
 #    ensure  => present,
-#    members => [
-#      'localhost:3000',
-#      'localhost:3001',
-#      'localhost:3002',
-#    ],
+#    members => {
+#      'localhost:3001' => {
+#        server => 'localhost',
+#        port   => 3000,
+#      },
+#      'localhost:3002' => {
+#        server => 'localhost',
+#        port   => 3002,
+#      },
+#      'localhost:3003' => {
+#        server => 'localhost',
+#        port   => 3003,
+#      },
+#    },
 #  }
 #
 #  Custom config example to use ip_hash, and 20 keepalive connections
 #  create a hash with any extra custom config you want.
-#  $my_config = {
-#    'ip_hash'   => '',
-#    'keepalive' => '20',
-#  }
 #  nginx::resource::upstream { 'proxypass':
-#    ensure              => present,
-#    members => [
-#      'localhost:3000',
-#      'localhost:3001',
-#      'localhost:3002',
-#    ],
-#    upstream_cfg_prepend => $my_config,
+#    ensure    => present,
+#    members   => {
+#      'localhost:3001' => {
+#        server => 'localhost',
+#        port   => 3000,
+#      },
+#      'localhost:3002' => {
+#        server => 'localhost',
+#        port   => 3002,
+#      },
+#      'localhost:3003' => {
+#        server => 'localhost',
+#        port   => 3003,
+#      },
+#    },
+#    ip_hash   => true,
+#    keepalive => 20,
 #  }
+#
 define nginx::resource::upstream (
-  Optional[Array] $members                  = undef,
-  $members_tag                              = undef,
-  Enum['present', 'absent'] $ensure         = 'present',
-  Optional[Hash] $upstream_cfg_append       = undef,
-  Optional[Hash] $upstream_cfg_prepend      = undef,
-  $upstream_fail_timeout                    = '10s',
-  $upstream_max_fails                       = undef,
-  Enum['http', 'stream'] $upstream_context  = 'http',
+  Enum['present', 'absent']                 $ensure                 = 'present',
+  Enum['http', 'stream']                    $context                = 'http',
+  Optional[Hash]                            $members                = undef,
+  Optional[String]                          $members_tag            = undef,
+  Optional[Nginx::UpstreamMemberDefaults]   $member_defaults        = undef,
+  Optional[String]                          $hash                   = undef,
+  Optional[Boolean]                         $ip_hash                = undef,
+  Optional[Integer[1]]                      $keepalive              = undef,
+  Optional[Boolean]                         $least_conn             = undef,
+  Optional[Nginx::UpstreamLeastTime]        $least_time             = undef,
+  Optional[Boolean]                         $ntlm                   = undef,
+  Optional[Integer]                         $queue_max              = undef,
+  Optional[Nginx::Time]                     $queue_timeout          = undef,
+  Optional[String]                          $random                 = undef,
+  Optional[Stdlib::Unixpath]                $statefile              = undef,
+  Optional[Nginx::UpstreamSticky]           $sticky                 = undef,
+  Optional[Nginx::UpstreamZone]             $zone                   = undef,
+  Optional[Hash]                            $cfg_append             = undef,
+  Optional[Hash]                            $cfg_prepend            = undef,
 ) {
 
   if ! defined(Class['nginx']) {
     fail('You must include the nginx base class before using any defined resources')
   }
 
-  $root_group = $::nginx::root_group
-
-  $ensure_real = $ensure ? {
-    'absent' => absent,
-    default  => present,
+  if $least_time {
+    if $context == 'http' and ! ($least_time =~ Nginx::UpstreamLeastTimeHttp) {
+      fail('The parameter "least_time" does not match the datatype "Nginx::UpstreamLeastTimeHttp"')
+    }
+    if $context == 'stream' and ! ($least_time =~ Nginx::UpstreamLeastTimeStream) {
+      fail('The parameter "least_time" does not match the datatype "Nginx::UpstreamLeastTimeStream"')
+    }
   }
 
-  $conf_dir_real = $upstream_context ? {
-    'stream' => 'conf.stream.d',
-    default  => 'conf.d',
+  $conf_dir = $context ? {
+    'stream' => "${nginx::config::conf_dir}/conf.stream.d",
+    default  => "${nginx::config::conf_dir}/conf.d",
   }
 
-  $conf_dir = "${nginx::config::conf_dir}/${conf_dir_real}"
-
   Concat {
     owner => 'root',
-    group => $root_group,
+    group => $::nginx::root_group,
     mode  => '0644',
   }
 
-  concat { "${nginx::conf_dir}/${conf_dir_real}/${name}-upstream.conf":
-    ensure  => $ensure_real,
+  concat { "${conf_dir}/${name}-upstream.conf":
+    ensure  => $ensure,
     notify  => Class['::nginx::service'],
     require => File[$conf_dir],
   }
 
-  # Uses: $name, $upstream_cfg_prepend
   concat::fragment { "${name}_upstream_header":
-    target  => "${nginx::conf_dir}/${conf_dir_real}/${name}-upstream.conf",
+    target  => "${conf_dir}/${name}-upstream.conf",
     order   => '10',
     content => template('nginx/upstream/upstream_header.erb'),
   }
 
   if $members != undef {
-    # Uses: $members, $upstream_fail_timeout
-    concat::fragment { "${name}_upstream_members":
-      target  => "${nginx::conf_dir}/${conf_dir_real}/${name}-upstream.conf",
-      order   => '50',
-      content => template('nginx/upstream/upstream_members.erb'),
+    $members.each |$member,$values| {
+      $member_values = merge($member_defaults,$values,{'upstream' => $name,'context' => $context})
+
+      if $context == 'stream' and $member_values['route'] {
+        fail('The parameter "route" is not available for upstreams with context "stream"')
+      }
+      if $context == 'stream' and $member_values['state'] and $member_values['state'] == 'drain' {
+        fail('The state "drain" is not available for upstreams with context "stream"')
+      }
+
+      nginx::resource::upstream::member { $member:
+        * => $member_values,
+      }
     }
   } else {
     # Collect exported members:
@@ -105,7 +152,7 @@
   }
 
   concat::fragment { "${name}_upstream_footer":
-    target  => "${nginx::conf_dir}/${conf_dir_real}/${name}-upstream.conf",
+    target  => "${conf_dir}/${name}-upstream.conf",
     order   => '90',
     content => template('nginx/upstream/upstream_footer.erb'),
   }

diff --git a/manifests/resource/upstream/member.pp b/manifests/resource/upstream/member.pp
@@ -9,45 +9,79 @@
 #
 #
 # Parameters:
-#   [*ensure*]                  - Enables or disables the specified member (present|absent)
-#   [*upstream*]                - The name of the upstream resource
-#   [*server*]                  - Hostname or IP of the upstream member server
-#   [*port*]                    - Port of the listening service on the upstream member
-#   [*upstream_fail_timeout*]   - Set the fail_timeout for the upstream. Default is 10 seconds
-#
+#   [*upstream*]              - The name of the upstream resource
+#   [*ensure*]                - Enables or disables the specified member (present|absent)
+#   [*context*]               - Set the type of this upstream (http|stream).
+#   [*server*]                - Hostname or IP of the upstream member server
+#   [*port*]                  - Port of the listening service on the upstream member
+#   [*weight*]                - Set the weight for this upstream member
+#   [*max_conns*]             - Set the max_conns for this upstream member
+#   [*max_fails*]             - Set the max_fails for this upstream member
+#   [*fail_timeout*]          - Set the fail_timeout for this upstream member
+#   [*backup*]                - Activate backup for this upstream member
+#   [*resolve*]               - Activate resolve for this upstream member
+#   [*route*]                 - Set the route for this upstream member
+#   [*service*]               - Set the service for this upstream member
+#   [*slow_start*]            - Set the slow_start for this upstream member
+#   [*state*]                 - Set the state for this upstream member
+#   [*params_prepend*]        - prepend a parameter for this upstream member
+#   [*params_append*]         - append a paremeter for this upstream member
+#   [*comment*]               - Add a comment for this upstream member
 #
 # Examples:
 #
 #   Exporting the resource on a upstream member server:
 #
 #   @@nginx::resource::upstream::member { $trusted['certname']:
-#     ensure    => present,
-#     upstream  => 'proxypass',
-#     server    => $facts['networking']['ip'],
-#     port      => 3000,
+#     ensure   => present,
+#     upstream => 'proxypass',
+#     server   => $facts['networking']['ip'],
+#     port     => 3000,
 #   }
 #
 #
 #   Collecting the resource on the NGINX server:
 #
 #   nginx::resource::upstream { 'proxypass':
-#     ensure    => present,
+#     ensure => present,
 #   }
 #
 define nginx::resource::upstream::member (
-  $upstream,
-  $server,
-  Enum['present', 'absent'] $ensure = 'present',
-  Integer $port                     = 80,
-  $upstream_fail_timeout  = '10s',
+  String                                  $upstream,
+  Enum['present', 'absent']               $ensure           = 'present',
+  Enum['http', 'stream']                  $context          = 'http',
+  Optional[Nginx::UpstreamMemberServer]   $server           = $name,
+  Optional[Stdlib::Port]                  $port             = 80,
+  Optional[Integer[1]]                    $weight           = undef,
+  Optional[Integer[1]]                    $max_conns        = undef,
+  Optional[Integer[1]]                    $max_fails        = undef,
+  Optional[Nginx::Time]                   $fail_timeout     = undef,
+  Optional[Boolean]                       $backup           = undef,
+  Optional[Boolean]                       $resolve          = undef,
+  Optional[String]                        $route            = undef,
+  Optional[String]                        $service          = undef,
+  Optional[Nginx::Time]                   $slow_start       = undef,
+  Optional[Enum['drain','down']]          $state            = undef,
+  Optional[String]                        $params_prepend   = undef,
+  Optional[String]                        $params_append    = undef,
+  Optional[String]                        $comment          = undef,
 ) {
   if ! defined(Class['nginx']) {
     fail('You must include the nginx base class before using any defined resources')
   }
 
-  # Uses: $server, $port, $upstream_fail_timeout
+  $conf_dir = $context ? {
+    'stream' => "${nginx::config::conf_dir}/conf.stream.d",
+    default  => "${nginx::config::conf_dir}/conf.d",
+  }
+
+  $_server = ($server =~ Pattern[/^unix:\/([^\/\0]+\/*)*$/]) ? {
+    true  => $server,
+    false => "${server}:${port}",
+  }
+
   concat::fragment { "${upstream}_upstream_member_${name}":
-    target  => "${nginx::conf_dir}/conf.d/${upstream}-upstream.conf",
+    target  => "${conf_dir}/${upstream}-upstream.conf",
     order   => 40,
     content => template('nginx/upstream/upstream_member.erb'),
   }

diff --git a/spec/classes/nginx_spec.rb b/spec/classes/nginx_spec.rb
@@ -9,7 +9,7 @@
 
       let :params do
         {
-          nginx_upstreams: { 'upstream1' => { 'members' => ['localhost:3000'] } },
+          nginx_upstreams: { 'upstream1' => { 'members' => { 'localhost' => { 'port' => 3000 } } } },
           nginx_servers: { 'test2.local' => { 'www_root' => '/' } },
           nginx_servers_defaults: { 'listen_options' => 'default_server' },
           nginx_locations: { 'test2.local' => { 'server' => 'test2.local', 'www_root' => '/' } },