[MediaWiki-commits] [Gerrit] operations/puppet[production]: profile::etcd::tlsproxy: better read-only error reporting

Mon, 22 May 2017 03:50:58 -0700 

Giuseppe Lavagetto has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/355092 )

Change subject: profile::etcd::tlsproxy: better read-only error reporting
......................................................................


profile::etcd::tlsproxy: better read-only error reporting

Use a format that etcd would use.

Change-Id: Ifcfe4dcde2a155dba8015c81cbfc44dcd03b3d67
---
M modules/profile/manifests/etcd/tlsproxy.pp
M modules/profile/templates/etcd/tls_proxy.conf.erb
2 files changed, 10 insertions(+), 0 deletions(-)

Approvals:
  Giuseppe Lavagetto: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/profile/manifests/etcd/tlsproxy.pp 
b/modules/profile/manifests/etcd/tlsproxy.pp
index ca50168..73d81b9 100644
--- a/modules/profile/manifests/etcd/tlsproxy.pp
+++ b/modules/profile/manifests/etcd/tlsproxy.pp
@@ -37,6 +37,12 @@
         content => '{"errorCode":110,"message":"The request requires user 
authentication","cause":"Insufficient credentials","index":0}',
     }
 
+    file { '/etc/nginx/etcd-errors/readonly.json':
+        ensure  => present,
+        mode    => '0444',
+        content => '{"errorCode":107,"message":"This cluster is in read-only 
mode","cause":"Cluster configured to be read-only","index":0}',
+    }
+
     # I know, this is pretty horrible. Puppet is too, with its
     # allergy for any form of data-structure mangling.
     $htpasswd_files = keys($acls)
diff --git a/modules/profile/templates/etcd/tls_proxy.conf.erb 
b/modules/profile/templates/etcd/tls_proxy.conf.erb
index b6aaab8..30e473a 100644
--- a/modules/profile/templates/etcd/tls_proxy.conf.erb
+++ b/modules/profile/templates/etcd/tls_proxy.conf.erb
@@ -26,6 +26,10 @@
        internal;
     }
 
+    <%- if @read_only %>
+    error_page 403 /readonly.json
+    <%- end -%>
+
     # One year should be enough for anyone(TM)
     proxy_read_timeout 365d;
     # Proxy buffering must be turned off in order not to interfere with

-- 
To view, visit https://gerrit.wikimedia.org/r/355092
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ifcfe4dcde2a155dba8015c81cbfc44dcd03b3d67
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Giuseppe Lavagetto <[email protected]>
Gerrit-Reviewer: Giuseppe Lavagetto <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to