|
...
|
...
|
@@ -62,6 +62,7 @@ KEYSTONE_USE_MOD_WSGI=${KEYSTONE_USE_MOD_WSGI:-${ENABLE_HTTPD_MOD_WSGI_SERVICES}
|
|
62
|
62
|
# KEYSTONE_DEPLOY defines how keystone is deployed, allowed values:
|
|
63
|
63
|
# - mod_wsgi : Run keystone under Apache HTTPd mod_wsgi
|
|
64
|
64
|
# - eventlet : Run keystone-all
|
|
|
65
|
+# - uwsgi : Run keystone under uwsgi
|
|
65
|
66
|
if [ -z "$KEYSTONE_DEPLOY" ]; then
|
|
66
|
67
|
if [ -z "$KEYSTONE_USE_MOD_WSGI" ]; then
|
|
67
|
68
|
KEYSTONE_DEPLOY=mod_wsgi
|
|
...
|
...
|
@@ -244,16 +245,15 @@ function configure_keystone {
|
|
244
|
244
|
# Register SSL certificates if provided
|
|
245
|
245
|
if is_ssl_enabled_service key; then
|
|
246
|
246
|
ensure_certificates KEYSTONE
|
|
247
|
|
-
|
|
248
|
|
- iniset $KEYSTONE_CONF eventlet_server_ssl enable True
|
|
249
|
|
- iniset $KEYSTONE_CONF eventlet_server_ssl certfile $KEYSTONE_SSL_CERT
|
|
250
|
|
- iniset $KEYSTONE_CONF eventlet_server_ssl keyfile $KEYSTONE_SSL_KEY
|
|
251
|
247
|
fi
|
|
252
|
248
|
|
|
|
249
|
+ local service_port=$KEYSTONE_SERVICE_PORT
|
|
|
250
|
+ local auth_port=$KEYSTONE_AUTH_PORT
|
|
|
251
|
+
|
|
253
|
252
|
if is_service_enabled tls-proxy; then
|
|
254
|
253
|
# Set the service ports for a proxy to take the originals
|
|
255
|
|
- iniset $KEYSTONE_CONF eventlet_server public_port $KEYSTONE_SERVICE_PORT_INT
|
|
256
|
|
- iniset $KEYSTONE_CONF eventlet_server admin_port $KEYSTONE_AUTH_PORT_INT
|
|
|
254
|
+ service_port=$KEYSTONE_SERVICE_PORT_INT
|
|
|
255
|
+ auth_port=$KEYSTONE_AUTH_PORT_INT
|
|
257
|
256
|
|
|
258
|
257
|
iniset $KEYSTONE_CONF DEFAULT public_endpoint $KEYSTONE_SERVICE_URI
|
|
259
|
258
|
iniset $KEYSTONE_CONF DEFAULT admin_endpoint $KEYSTONE_AUTH_URI
|
|
...
|
...
|
@@ -273,7 +273,7 @@ function configure_keystone {
|
|
273
|
273
|
fi
|
|
274
|
274
|
|
|
275
|
275
|
# Format logging
|
|
276
|
|
- if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ] && [ "$KEYSTONE_DEPLOY" == "eventlet" ] ; then
|
|
|
276
|
+ if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ] && [ "$KEYSTONE_DEPLOY" != "mod_wsgi" ] ; then
|
|
277
|
277
|
setup_colorized_logging $KEYSTONE_CONF DEFAULT
|
|
278
|
278
|
fi
|
|
279
|
279
|
|
|
...
|
...
|
@@ -285,7 +285,58 @@ function configure_keystone {
|
|
285
|
285
|
iniset $KEYSTONE_CONF DEFAULT logging_debug_format_suffix "%(asctime)s.%(msecs)03d %(funcName)s %(pathname)s:%(lineno)d"
|
|
286
|
286
|
iniset $KEYSTONE_CONF DEFAULT logging_exception_prefix "%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s"
|
|
287
|
287
|
_config_keystone_apache_wsgi
|
|
288
|
|
- else
|
|
|
288
|
+ elif [ "$KEYSTONE_DEPLOY" == "uwsgi" ]; then
|
|
|
289
|
+ # iniset creates these files when it's called if they don't exist.
|
|
|
290
|
+ KEYSTONE_PUBLIC_UWSGI_FILE=$KEYSTONE_CONF_DIR/keystone-uwsgi-public.ini
|
|
|
291
|
+ KEYSTONE_ADMIN_UWSGI_FILE=$KEYSTONE_CONF_DIR/keystone-uwsgi-admin.ini
|
|
|
292
|
+
|
|
|
293
|
+ rm -f "$KEYSTONE_PUBLIC_UWSGI_FILE"
|
|
|
294
|
+ rm -f "$KEYSTONE_ADMIN_UWSGI_FILE"
|
|
|
295
|
+
|
|
|
296
|
+ if is_ssl_enabled_service key; then
|
|
|
297
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi https $KEYSTONE_SERVICE_HOST:$service_port,$KEYSTONE_SSL_CERT,$KEYSTONE_SSL_KEY
|
|
|
298
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi https $KEYSTONE_ADMIN_BIND_HOST:$auth_port,$KEYSTONE_SSL_CERT,$KEYSTONE_SSL_KEY
|
|
|
299
|
+ else
|
|
|
300
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi http $KEYSTONE_SERVICE_HOST:$service_port
|
|
|
301
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi http $KEYSTONE_ADMIN_BIND_HOST:$auth_port
|
|
|
302
|
+ fi
|
|
|
303
|
+
|
|
|
304
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi wsgi-file "$KEYSTONE_BIN_DIR/keystone-wsgi-public"
|
|
|
305
|
+ # This is running standalone
|
|
|
306
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi master true
|
|
|
307
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi threads $(nproc)
|
|
|
308
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi enable-threads true
|
|
|
309
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi plugins python
|
|
|
310
|
+ # uwsgi recommends this to prevent thundering herd on accept.
|
|
|
311
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi thunder-lock true
|
|
|
312
|
+ # Override the default size for headers from the 4k default.
|
|
|
313
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi buffer-size 65535
|
|
|
314
|
+ # Make sure the client doesn't try to re-use the connection.
|
|
|
315
|
+ iniset "$KEYSTONE_PUBLIC_UWSGI_FILE" uwsgi add-header "Connection: close"
|
|
|
316
|
+
|
|
|
317
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi wsgi-file "$KEYSTONE_BIN_DIR/keystone-wsgi-admin"
|
|
|
318
|
+ # This is running standalone
|
|
|
319
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi master true
|
|
|
320
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi threads $API_WORKERS
|
|
|
321
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi enable-threads true
|
|
|
322
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi plugins python
|
|
|
323
|
+ # uwsgi recommends this to prevent thundering herd on accept.
|
|
|
324
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi thunder-lock true
|
|
|
325
|
+ # Override the default size for headers from the 4k default.
|
|
|
326
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi buffer-size 65535
|
|
|
327
|
+ # Make sure the client doesn't try to re-use the connection.
|
|
|
328
|
+ iniset "$KEYSTONE_ADMIN_UWSGI_FILE" uwsgi add-header "Connection: close"
|
|
|
329
|
+
|
|
|
330
|
+ else # eventlet
|
|
|
331
|
+ if is_ssl_enabled_service key; then
|
|
|
332
|
+ iniset $KEYSTONE_CONF eventlet_server_ssl enable True
|
|
|
333
|
+ iniset $KEYSTONE_CONF eventlet_server_ssl certfile $KEYSTONE_SSL_CERT
|
|
|
334
|
+ iniset $KEYSTONE_CONF eventlet_server_ssl keyfile $KEYSTONE_SSL_KEY
|
|
|
335
|
+ fi
|
|
|
336
|
+
|
|
|
337
|
+ iniset $KEYSTONE_CONF eventlet_server public_port $service_port
|
|
|
338
|
+ iniset $KEYSTONE_CONF eventlet_server admin_port $auth_port
|
|
|
339
|
+
|
|
289
|
340
|
iniset $KEYSTONE_CONF eventlet_server admin_bind_host "$KEYSTONE_ADMIN_BIND_HOST"
|
|
290
|
341
|
iniset $KEYSTONE_CONF eventlet_server admin_workers "$API_WORKERS"
|
|
291
|
342
|
# Public workers will use the server default, typically number of CPU.
|
|
...
|
...
|
@@ -530,7 +581,10 @@ function start_keystone {
|
|
530
|
530
|
restart_apache_server
|
|
531
|
531
|
tail_log key /var/log/$APACHE_NAME/keystone.log
|
|
532
|
532
|
tail_log key-access /var/log/$APACHE_NAME/keystone_access.log
|
|
533
|
|
- else
|
|
|
533
|
+ elif [ "$KEYSTONE_DEPLOY" == "uwsgi" ]; then
|
|
|
534
|
+ run_process key "uwsgi $KEYSTONE_PUBLIC_UWSGI_FILE" "" "key-p"
|
|
|
535
|
+ run_process key "uwsgi $KEYSTONE_ADMIN_UWSGI_FILE" "" "key-a"
|
|
|
536
|
+ else # eventlet
|
|
534
|
537
|
# Start Keystone in a screen window
|
|
535
|
538
|
run_process key "$KEYSTONE_BIN_DIR/keystone-all --config-file $KEYSTONE_CONF"
|
|
536
|
539
|
fi
|
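Review bot: `KEYSTONE_PUBLIC_UWSGI_FILE` and `KEYSTONE_ADMIN_UWSGI_FILE` are assigned only inside the new uwsgi branch of `configure_keystone`, yet the new branch in `start_keystone` passes them to `run_process`. If `start_keystone` is reached in a shell where `configure_keystone` has not run, `uwsgi` is started without an ini file, so none of the `http`/`https` listener, certificate or key settings written there apply. Defining both paths once next to the `KEYSTONE_DEPLOY` defaults removes that ordering dependency, e.g. `KEYSTONE_PUBLIC_UWSGI_FILE=${KEYSTONE_PUBLIC_UWSGI_FILE:-$KEYSTONE_CONF_DIR/keystone-uwsgi-public.ini}` and the matching admin line, assuming `KEYSTONE_CONF_DIR` is already set at that point. Whether any caller actually starts keystone without configuring it first is not visible on this page, and both functions continue outside the hunks shown.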