X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fapache.yaml;h=82e0c5ff4c6ca951db7f127fa6e01fc09ac82720;hb=f1c2675073be057677d909d2ac2829c0f34e601b;hp=7595e4c3552717356dc318f80129508bc485f528;hpb=26b56d0e9a76b00b4c87fe394dbdf54fd6a8d3b5;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index 7595e4c3..82e0c5ff 100644
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -1,10 +1,18 @@
-heat_template_version: 2016-10-14
+heat_template_version: ocata
 
 description: >
   Apache service configured with Puppet. Note this is typically included
   automatically via other services which run via Apache.
 
 parameters:
+  ApacheMaxRequestWorkers:
+    default: 256
+    description: Maximum number of simultaneously processed requests.
+    type: number
+  ApacheServerLimit:
+    default: 256
+    description: Maximum number of Apache processes.
+    type: number
   ServiceNetMap:
     default: {}
     description: Mapping of service_name -> network name. Typically set
@@ -19,6 +27,17 @@ parameters:
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  EnableInternalTLS:
+    type: boolean
+    default: false
+
+
+resources:
+
+  ApacheTLS:
+    type: OS::TripleO::Services::ApacheTLS
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
 
 outputs:
   role_data:
@@ -26,17 +45,24 @@ outputs:
     value:
       service_name: apache
       config_settings:
-        # for the given network; replacement examples (eg. for internal_api):
-        # internal_api -> IP
-        # internal_api_uri -> [IP]
-        # internal_api_subnet - > IP/CIDR
-        apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
-        apache::server_signature: 'Off'
-        apache::server_tokens: 'Prod'
-        apache_remote_proxy_ips_network:
-          str_replace:
-            template: "NETWORK_subnet"
-            params:
-              NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]}
-        apache::mod::remoteip::proxy_ips:
-          - "%{hiera('apache_remote_proxy_ips_network')}"
+        map_merge:
+          - get_attr: [ApacheTLS, role_data, config_settings]
+          -
+            # for the given network; replacement examples (eg. for internal_api):
+            # internal_api -> IP
+            # internal_api_uri -> [IP]
+            # internal_api_subnet - > IP/CIDR
+            apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
+            apache::server_signature: 'Off'
+            apache::server_tokens: 'Prod'
+            apache_remote_proxy_ips_network:
+              str_replace:
+                template: "NETWORK_subnet"
+                params:
+                  NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]}
+            apache::mod::prefork::maxclients: { get_param: ApacheMaxRequestWorkers }
+            apache::mod::prefork::serverlimit: { get_param: ApacheServerLimit }
+            apache::mod::remoteip::proxy_ips:
+              - "%{hiera('apache_remote_proxy_ips_network')}"
+      metadata_settings:
+        get_attr: [ApacheTLS, role_data, metadata_settings]