Skip to content

Commit 61b0369

Browse files
fmountclaude
andcommitted
Add httpd-overrides sample with custom httpd configuration support
Introduces a new sample demonstrating how to customize Apache HTTPD configuration in heat-operator using extraMounts. The sample includes "httpd_custom_timeout.conf" to override Apache timeout settings via ConfigMaps mounted to "/etc/httpd/conf_custom/". This approach leverages the "extraMounts" feature to inject custom configuration files loaded from "/etc/httpd/conf_custom", enabling users to modify httpd settings without introducing new API parameters to the operator. See `config/samples/httpd-overrides/README.md` for detailed implementation instructions, including deployment steps and verification procedures. Co-Authored-By: Claude Opus <noreply@anthropic.com> Signed-off-by: Francesco Pantano <fpantano@redhat.com>
1 parent 88f3a3e commit 61b0369

7 files changed

Lines changed: 204 additions & 0 deletions

File tree

README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,11 @@ These are user defined, and should be present prior to the deployment of the Hea
140140

141141
To undeploy the operator, simply set the `enabled` value to false from within the `OpenStackControlPlane` resource.
142142

143+
### Customize httpd
144+
145+
- [Customize httpd](config/samples/httpd-overrides): inject custom httpd
146+
configuration through extraMounts interface
147+
143148
## Contributing
144149

145150
The following guide relies on a already deployed `OpenStackControlPlane`. If you don't already have this, you can
Lines changed: 137 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,137 @@
1+
# Heat HTTPD Configuration Overrides
2+
3+
The heat-operator provides mechanisms to customize the Apache HTTPD server
4+
configuration through the use of custom configuration files. This feature
5+
leverages the
6+
[ExtraMounts](https://github.com/openstack-k8s-operators/dev-docs/blob/main/extra_mounts.md)
7+
functionality to mount custom HTTPD configuration files into the Heat
8+
deployment.
9+
10+
## How It Works
11+
12+
1. **Custom Configuration Files**: Create HTTPD configuration files with your
13+
custom settings
14+
2. **ConfigMap**: Create ConfigMaps from files containing the overrides
15+
3. **OpenStackControlPlane Patch**: Patch the control plane to mount the
16+
generated ConfigMap into Heat containers. The HTTPD configuration
17+
automatically includes files mounted to `/etc/httpd/conf_custom/*.conf`
18+
19+
20+
### Step 1: Create Custom HTTPD Configuration
21+
22+
Create your custom HTTPD configuration file(s). As a best practice the filename
23+
could start with the `httpd_custom_` prefix, but all `*.conf` files mounted to
24+
`/etc/httpd/conf_custom/` are automatically included by the `IncludeOptional`
25+
directive in the base `httpd` configuration.
26+
27+
Example (`httpd_custom_timeout.conf`):
28+
```apache
29+
# Custom timeout settings for Heat
30+
Timeout 300
31+
KeepAliveTimeout 15
32+
```
33+
34+
### Step 2. Create a ConfigMap
35+
36+
Create a Kubernetes `ConfigMap` containing your custom configuration files:
37+
38+
```bash
39+
oc create configmap httpd-overrides --from-file=httpd_custom_timeout.conf
40+
```
41+
42+
It is possible to add multiple configuration files containing dedicated
43+
configuration directives:
44+
45+
```bash
46+
oc create configmap httpd-overrides \
47+
--from-file=httpd_custom_timeout.conf \
48+
--from-file=httpd_custom_security.conf \
49+
--from-file=httpd_custom_logging.conf
50+
```
51+
52+
The following example is based on a single customization file and demonstrates
53+
how to set custom `Timeout` and `KeepAliveTimeout` parameters.
54+
55+
### Step 3: Configure ExtraMounts in the OpenStackControlPlane
56+
57+
Update your `OpenStackControlPlane` resource to include the custom HTTPD
58+
configuration files using `extraMounts`. The simplest approach is to mount
59+
the entire ConfigMap to the target `/etc/httpd/conf_custom` mount point.
60+
61+
Heat exposes two API services (`heatAPI` and `heatCfnAPI`), each with its
62+
own HTTPD vhost. You can apply overrides to either or both:
63+
64+
```yaml
65+
apiVersion: core.openstack.org/v1beta1
66+
kind: OpenStackControlPlane
67+
metadata:
68+
name: openstack
69+
spec:
70+
heat:
71+
template:
72+
heatAPI:
73+
extraMounts:
74+
- extraVol:
75+
- extraVolType: httpd-overrides
76+
mounts:
77+
- mountPath: /etc/httpd/conf_custom
78+
name: httpd-overrides
79+
readOnly: true
80+
volumes:
81+
- configMap:
82+
name: httpd-overrides
83+
name: httpd-overrides
84+
heatCfnAPI:
85+
extraMounts:
86+
- extraVol:
87+
- extraVolType: httpd-overrides
88+
mounts:
89+
- mountPath: /etc/httpd/conf_custom
90+
name: httpd-overrides
91+
readOnly: true
92+
volumes:
93+
- configMap:
94+
name: httpd-overrides
95+
name: httpd-overrides
96+
```
97+
98+
## Common Use Cases
99+
100+
- **Timeout Adjustments**: Modify request timeout values for specific environments
101+
- **Security Headers**: Add custom security headers or configurations
102+
- **Logging**: Customize Apache logging configuration
103+
- **Performance Tuning**: Adjust worker processes, connection limits, etc.
104+
105+
## Verification
106+
107+
After deploying your custom `HTTPD` configuration, you can verify that the
108+
settings have been properly applied:
109+
110+
### 1. Find the Heat Pod
111+
112+
First, identify the running Heat pod:
113+
114+
```bash
115+
$ oc get pods -l service=heat
116+
```
117+
118+
### 2. Verify Configuration Loading
119+
120+
Connect to the Heat Pod and check that your custom configuration has been
121+
loaded:
122+
123+
```bash
124+
# Replace <heat-pod-name> with the actual pod name from step 1
125+
oc rsh -c heat-api-httpd <heat-pod-name>
126+
# Inside the pod, dump the HTTPD configuration and check for your custom settings
127+
httpd -D DUMP_CONFIG
128+
```
129+
130+
### 3. Additional Verification Commands
131+
132+
You can also verify other aspects of the configuration:
133+
134+
```bash
135+
# Check all loaded configuration files
136+
$ httpd -D DUMP_INCLUDES
137+
```
Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
# Custom timeout settings for Heat HTTPD
2+
# This file demonstrates how to override default timeout values
3+
# for Apache HTTPD serving Heat API requests
4+
Timeout 300
5+
KeepAliveTimeout 15
Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
apiVersion: core.openstack.org/v1beta1
2+
kind: OpenStackControlPlane
3+
metadata:
4+
name: openstack
5+
spec:
6+
heat:
7+
template:
8+
heatAPI:
9+
extraMounts:
10+
- extraVol:
11+
- extraVolType: httpd-overrides
12+
mounts:
13+
- mountPath: /etc/httpd/conf_custom
14+
name: httpd-overrides
15+
readOnly: true
16+
volumes:
17+
- configMap:
18+
name: httpd-overrides
19+
name: httpd-overrides
20+
heatCfnAPI:
21+
extraMounts:
22+
- extraVol:
23+
- extraVolType: httpd-overrides
24+
mounts:
25+
- mountPath: /etc/httpd/conf_custom
26+
name: httpd-overrides
27+
readOnly: true
28+
volumes:
29+
- configMap:
30+
name: httpd-overrides
31+
name: httpd-overrides
Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
3+
4+
resources:
5+
- https://raw.githubusercontent.com/openstack-k8s-operators/openstack-operator/main/config/samples/core_v1beta1_openstackcontrolplane_galera_network_isolation.yaml
6+
7+
patches:
8+
- target:
9+
kind: OpenStackControlPlane
10+
name: .*
11+
patch: |-
12+
- op: replace
13+
path: /metadata/name
14+
value: openstack
15+
- path: httpd_overrides.yaml
16+
17+
configMapGenerator:
18+
- files:
19+
- ./httpd_custom_timeout.conf
20+
name: httpd-overrides

templates/heat/config/heat-api-httpd.conf

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,5 +54,8 @@ ErrorLog /dev/stdout
5454
WSGIPassAuthorization On
5555

5656
Timeout {{ $.Timeout }}
57+
58+
IncludeOptional conf_custom/*.conf
59+
5760
</VirtualHost>
5861
{{ end }}

templates/heat/config/heat-cfnapi-httpd.conf

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,5 +54,8 @@ ErrorLog /dev/stdout
5454
WSGIPassAuthorization On
5555

5656
Timeout {{ $.Timeout }}
57+
58+
IncludeOptional conf_custom/*.conf
59+
5760
</VirtualHost>
5861
{{ end }}

0 commit comments

Comments
 (0)