Browse code
Add ability to run Nova metadata under Apache2
This patch allows to run Nova metadata service using Apache
on port 80 under /metadata URL.
Change-Id: I18f3399738c31166eac884a9b0d5c4045d3f445c
Marian Horban authored on 2015/06/12 02:01:41Showing 2 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,25 @@ |
| 0 |
+Listen %PUBLICPORT% |
|
| 1 |
+ |
|
| 2 |
+<VirtualHost *:%PUBLICPORT%> |
|
| 3 |
+ WSGIDaemonProcess nova-metadata processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
|
|
| 4 |
+ WSGIProcessGroup nova-metadata |
|
| 5 |
+ WSGIScriptAlias / %PUBLICWSGI% |
|
| 6 |
+ WSGIApplicationGroup %{GLOBAL}
|
|
| 7 |
+ WSGIPassAuthorization On |
|
| 8 |
+ <IfVersion >= 2.4> |
|
| 9 |
+ ErrorLogFormat "%M" |
|
| 10 |
+ </IfVersion> |
|
| 11 |
+ ErrorLog /var/log/%APACHE_NAME%/nova-metadata.log |
|
| 12 |
+ %SSLENGINE% |
|
| 13 |
+ %SSLCERTFILE% |
|
| 14 |
+ %SSLKEYFILE% |
|
| 15 |
+</VirtualHost> |
|
| 16 |
+ |
|
| 17 |
+Alias /metadata %PUBLICWSGI% |
|
| 18 |
+<Location /metadata> |
|
| 19 |
+ SetHandler wsgi-script |
|
| 20 |
+ Options +ExecCGI |
|
| 21 |
+ WSGIProcessGroup nova-metadata |
|
| 22 |
+ WSGIApplicationGroup %{GLOBAL}
|
|
| 23 |
+ WSGIPassAuthorization On |
|
| 24 |
+</Location> |
| ... | ... |
@@ -7,6 +7,7 @@ |
| 7 | 7 |
# |
| 8 | 8 |
# - ``functions`` file |
| 9 | 9 |
# - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined |
| 10 |
+# - ``FILES`` |
|
| 10 | 11 |
# - ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined
|
| 11 | 12 |
# - ``LIBVIRT_TYPE`` must be defined |
| 12 | 13 |
# - ``INSTANCE_NAME_PREFIX``, ``VOLUME_NAME_PREFIX`` must be defined |
| ... | ... |
@@ -87,6 +88,7 @@ NOVA_SERVICE_LOCAL_HOST=${NOVA_SERVICE_LOCAL_HOST:-$SERVICE_LOCAL_HOST}
|
| 87 | 87 |
NOVA_SERVICE_LISTEN_ADDRESS=${NOVA_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS}
|
| 88 | 88 |
EC2_SERVICE_PORT=${EC2_SERVICE_PORT:-8773}
|
| 89 | 89 |
EC2_SERVICE_PORT_INT=${EC2_SERVICE_PORT_INT:-18773}
|
| 90 |
+METADATA_SERVICE_PORT=${METADATA_SERVICE_PORT:-8775}
|
|
| 90 | 91 |
|
| 91 | 92 |
# Option to enable/disable config drive |
| 92 | 93 |
# NOTE: Set ``FORCE_CONFIG_DRIVE="False"`` to turn OFF config drive |
| ... | ... |
@@ -241,6 +243,7 @@ function _cleanup_nova_apache_wsgi {
|
| 241 | 241 |
sudo rm -f $NOVA_WSGI_DIR/* |
| 242 | 242 |
sudo rm -f $(apache_site_config_for nova-api) |
| 243 | 243 |
sudo rm -f $(apache_site_config_for nova-ec2-api) |
| 244 |
+ sudo rm -f $(apache_site_config_for nova-metadata) |
|
| 244 | 245 |
} |
| 245 | 246 |
|
| 246 | 247 |
# _config_nova_apache_wsgi() - Set WSGI config files of Keystone |
| ... | ... |
@@ -251,11 +254,14 @@ function _config_nova_apache_wsgi {
|
| 251 | 251 |
nova_apache_conf=$(apache_site_config_for nova-api) |
| 252 | 252 |
local nova_ec2_apache_conf |
| 253 | 253 |
nova_ec2_apache_conf=$(apache_site_config_for nova-ec2-api) |
| 254 |
+ local nova_metadata_apache_conf |
|
| 255 |
+ nova_metadata_apache_conf=$(apache_site_config_for nova-metadata) |
|
| 254 | 256 |
local nova_ssl="" |
| 255 | 257 |
local nova_certfile="" |
| 256 | 258 |
local nova_keyfile="" |
| 257 | 259 |
local nova_api_port=$NOVA_SERVICE_PORT |
| 258 | 260 |
local nova_ec2_api_port=$EC2_SERVICE_PORT |
| 261 |
+ local nova_metadata_port=$METADATA_SERVICE_PORT |
|
| 259 | 262 |
local venv_path="" |
| 260 | 263 |
|
| 261 | 264 |
if is_ssl_enabled_service nova-api; then |
| ... | ... |
@@ -270,6 +276,7 @@ function _config_nova_apache_wsgi {
|
| 270 | 270 |
# copy proxy vhost and wsgi helper files |
| 271 | 271 |
sudo cp $NOVA_DIR/nova/wsgi/nova-api.py $NOVA_WSGI_DIR/nova-api |
| 272 | 272 |
sudo cp $NOVA_DIR/nova/wsgi/nova-ec2-api.py $NOVA_WSGI_DIR/nova-ec2-api |
| 273 |
+ sudo cp $NOVA_DIR/nova/wsgi/nova-metadata.py $NOVA_WSGI_DIR/nova-metadata |
|
| 273 | 274 |
|
| 274 | 275 |
sudo cp $FILES/apache-nova-api.template $nova_apache_conf |
| 275 | 276 |
sudo sed -e " |
| ... | ... |
@@ -296,6 +303,19 @@ function _config_nova_apache_wsgi {
|
| 296 | 296 |
s|%VIRTUALENV%|$venv_path|g |
| 297 | 297 |
s|%APIWORKERS%|$API_WORKERS|g |
| 298 | 298 |
" -i $nova_ec2_apache_conf |
| 299 |
+ |
|
| 300 |
+ sudo cp $FILES/apache-nova-metadata.template $nova_metadata_apache_conf |
|
| 301 |
+ sudo sed -e " |
|
| 302 |
+ s|%PUBLICPORT%|$nova_metadata_port|g; |
|
| 303 |
+ s|%APACHE_NAME%|$APACHE_NAME|g; |
|
| 304 |
+ s|%PUBLICWSGI%|$NOVA_WSGI_DIR/nova-metadata|g; |
|
| 305 |
+ s|%SSLENGINE%|$nova_ssl|g; |
|
| 306 |
+ s|%SSLCERTFILE%|$nova_certfile|g; |
|
| 307 |
+ s|%SSLKEYFILE%|$nova_keyfile|g; |
|
| 308 |
+ s|%USER%|$STACK_USER|g; |
|
| 309 |
+ s|%VIRTUALENV%|$venv_path|g |
|
| 310 |
+ s|%APIWORKERS%|$API_WORKERS|g |
|
| 311 |
+ " -i $nova_metadata_apache_conf |
|
| 299 | 312 |
} |
| 300 | 313 |
|
| 301 | 314 |
# configure_nova() - Set config files, create data dirs, etc |
| ... | ... |
@@ -798,9 +818,11 @@ function start_nova_api {
|
| 798 | 798 |
if [ -f ${enabled_site_file} ] && [ "$NOVA_USE_MOD_WSGI" == "True" ]; then
|
| 799 | 799 |
enable_apache_site nova-api |
| 800 | 800 |
enable_apache_site nova-ec2-api |
| 801 |
+ enable_apache_site nova-metadata |
|
| 801 | 802 |
restart_apache_server |
| 802 | 803 |
tail_log nova-api /var/log/$APACHE_NAME/nova-api.log |
| 803 | 804 |
tail_log nova-ec2-api /var/log/$APACHE_NAME/nova-ec2-api.log |
| 805 |
+ tail_log nova-metadata /var/log/$APACHE_NAME/nova-metadata.log |
|
| 804 | 806 |
else |
| 805 | 807 |
run_process n-api "$NOVA_BIN_DIR/nova-api" |
| 806 | 808 |
fi |
| ... | ... |
@@ -916,6 +938,7 @@ function stop_nova_rest {
|
| 916 | 916 |
if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then |
| 917 | 917 |
disable_apache_site nova-api |
| 918 | 918 |
disable_apache_site nova-ec2-api |
| 919 |
+ disable_apache_site nova-metadata |
|
| 919 | 920 |
restart_apache_server |
| 920 | 921 |
else |
| 921 | 922 |
stop_process n-api |