Skip to content

Commit d4b06cd

Browse files
fmountclaude
andcommitted
Add httpd-overrides sample with custom httpd configuration support
Introduces a new sample demonstrating how to customize Apache HTTPD configuration in neutron-operator using extraMounts. The sample includes "httpd_custom_connection.conf" to override Apache MaxKeepAliveRequests settings via ConfigMaps mounted to "/etc/httpd/conf_custom/". This approach leverages the "extraMounts" feature to inject custom configuration files loaded from "/etc/httpd/conf_custom", enabling users to modify httpd settings without introducing new API parameters to the operator. See `config/samples/httpd-overrides/README.md` for detailed implementation instructions, including deployment steps and verification procedures. Co-Authored-By: Claude Opus <noreply@anthropic.com> Signed-off-by: Francesco Pantano <fpantano@redhat.com>
1 parent 5e81a0e commit d4b06cd

6 files changed

Lines changed: 172 additions & 0 deletions

File tree

README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -224,6 +224,11 @@ spec:
224224
The data defined in `/var/lib/neutron/third_party/partner1` will be mounted
225225
to the resulting neutronAPI pod.
226226

227+
## Customize httpd
228+
229+
- [Customize httpd](config/samples/httpd-overrides): inject custom httpd
230+
configuration through extraMounts interface
231+
227232
# Design
228233
*TBD*
229234

Lines changed: 121 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,121 @@
1+
# Neutron HTTPD Configuration Overrides
2+
3+
The neutron-operator provides mechanisms to customize the Apache HTTPD server
4+
configuration through the use of custom configuration files. This feature
5+
leverages the
6+
[ExtraMounts](https://github.com/openstack-k8s-operators/dev-docs/blob/main/extra_mounts.md)
7+
functionality to mount custom HTTPD configuration files into the Neutron
8+
deployment.
9+
10+
## How It Works
11+
12+
1. **Custom Configuration Files**: Create HTTPD configuration files with your
13+
custom settings
14+
2. **ConfigMap**: Create ConfigMaps from files containing the overrides
15+
3. **OpenStackControlPlane Patch**: Patch the control plane to mount the
16+
generated ConfigMap into Neutron containers. The HTTPD configuration
17+
automatically includes files mounted to `/etc/httpd/conf_custom/*.conf`
18+
19+
20+
### Step 1: Create Custom HTTPD Configuration
21+
22+
Create your custom HTTPD configuration file(s). As a best practice the filename
23+
could start with the `httpd_custom_` prefix, but all `*.conf` files mounted to
24+
`/etc/httpd/conf_custom/` are automatically included by the `IncludeOptional`
25+
directive in the base `httpd` configuration.
26+
27+
Example (`httpd_custom_connection.conf`):
28+
```apache
29+
# Custom connection settings for Neutron
30+
MaxKeepAliveRequests 200
31+
KeepAliveTimeout 15
32+
```
33+
34+
### Step 2. Create a ConfigMap
35+
36+
Create a Kubernetes `ConfigMap` containing your custom configuration files:
37+
38+
```bash
39+
oc create configmap httpd-overrides --from-file=httpd_custom_connection.conf
40+
```
41+
42+
It is possible to add multiple configuration files containing dedicated
43+
configuration directives:
44+
45+
```bash
46+
oc create configmap httpd-overrides \
47+
--from-file=httpd_custom_connection.conf \
48+
--from-file=httpd_custom_security.conf \
49+
--from-file=httpd_custom_logging.conf
50+
```
51+
52+
The following example is based on a single customization file and demonstrates
53+
how to set custom `MaxKeepAliveRequests` and `KeepAliveTimeout` parameters.
54+
55+
### Step 3: Configure ExtraMounts in the OpenStackControlPlane
56+
57+
Update your `OpenStackControlPlane` resource to include the custom HTTPD
58+
configuration files using `extraMounts`. The simplest approach is to mount
59+
the entire ConfigMap to the target `/etc/httpd/conf_custom` mount point:
60+
61+
```yaml
62+
apiVersion: core.openstack.org/v1beta1
63+
kind: OpenStackControlPlane
64+
metadata:
65+
name: openstack
66+
spec:
67+
neutron:
68+
template:
69+
extraMounts:
70+
- extraVol:
71+
- extraVolType: httpd-overrides
72+
mounts:
73+
- mountPath: /etc/httpd/conf_custom
74+
name: httpd-overrides
75+
readOnly: true
76+
volumes:
77+
- configMap:
78+
name: httpd-overrides
79+
name: httpd-overrides
80+
```
81+
82+
## Common Use Cases
83+
84+
- **Connection Tuning**: Adjust keep-alive settings, connection limits, etc.
85+
- **Security Headers**: Add custom security headers or configurations
86+
- **Logging**: Customize Apache logging configuration
87+
- **Performance Tuning**: Adjust worker processes, thread limits, etc.
88+
89+
## Verification
90+
91+
After deploying your custom `HTTPD` configuration, you can verify that the
92+
settings have been properly applied:
93+
94+
### 1. Find the Neutron Pod
95+
96+
First, identify the running Neutron pod:
97+
98+
```bash
99+
$ oc get pods -l service=neutron
100+
```
101+
102+
### 2. Verify Configuration Loading
103+
104+
Connect to the Neutron Pod and check that your custom configuration has been
105+
loaded:
106+
107+
```bash
108+
# Replace <neutron-pod-name> with the actual pod name from step 1
109+
oc rsh -c neutron-httpd <neutron-pod-name>
110+
# Inside the pod, dump the HTTPD configuration and check for your custom settings
111+
httpd -D DUMP_CONFIG
112+
```
113+
114+
### 3. Additional Verification Commands
115+
116+
You can also verify other aspects of the configuration:
117+
118+
```bash
119+
# Check all loaded configuration files
120+
$ httpd -D DUMP_INCLUDES
121+
```
Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
# Custom connection settings for Neutron HTTPD
2+
# This file demonstrates how to override default connection parameters
3+
# for Apache HTTPD serving Neutron API requests
4+
MaxKeepAliveRequests 200
5+
KeepAliveTimeout 15
Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
apiVersion: core.openstack.org/v1beta1
2+
kind: OpenStackControlPlane
3+
metadata:
4+
name: openstack
5+
spec:
6+
neutron:
7+
template:
8+
extraMounts:
9+
- extraVol:
10+
- extraVolType: httpd-overrides
11+
mounts:
12+
- mountPath: /etc/httpd/conf_custom
13+
name: httpd-overrides
14+
readOnly: true
15+
volumes:
16+
- configMap:
17+
name: httpd-overrides
18+
name: httpd-overrides
Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
3+
4+
resources:
5+
- https://raw.githubusercontent.com/openstack-k8s-operators/openstack-operator/main/config/samples/core_v1beta1_openstackcontrolplane_galera_network_isolation.yaml
6+
7+
patches:
8+
- target:
9+
kind: OpenStackControlPlane
10+
name: .*
11+
patch: |-
12+
- op: replace
13+
path: /metadata/name
14+
value: openstack
15+
- path: httpd_overrides.yaml
16+
17+
configMapGenerator:
18+
- files:
19+
- ./httpd_custom_connection.conf
20+
name: httpd-overrides

templates/neutronapi/httpd/10-neutron-httpd.conf

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,5 +32,8 @@
3232
SSLCertificateFile "{{ $vhost.SSLCertificateFile }}"
3333
SSLCertificateKeyFile "{{ $vhost.SSLCertificateKeyFile }}"
3434
{{- end }}
35+
36+
IncludeOptional conf_custom/*.conf
37+
3538
</VirtualHost>
3639
{{ end }}

0 commit comments

Comments
 (0)