Add templates for running Heat API services via
apache mod_wsgi. Also add appropriate functions to
lib/heat for configuring Heat.
Change-Id: I1bdd678c44ddfa616a9db7db85ff6f490ff08947
303 | 309 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,27 @@ |
0 |
+Listen %PUBLICPORT% |
|
1 |
+ |
|
2 |
+<VirtualHost *:%PUBLICPORT%> |
|
3 |
+ WSGIDaemonProcess heat-api-cfn processes=2 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% |
|
4 |
+ WSGIProcessGroup heat-api-cfn |
|
5 |
+ WSGIScriptAlias / %HEAT_BIN_DIR%/heat-wsgi-api-cfn |
|
6 |
+ WSGIApplicationGroup %{GLOBAL} |
|
7 |
+ WSGIPassAuthorization On |
|
8 |
+ AllowEncodedSlashes On |
|
9 |
+ <IfVersion >= 2.4> |
|
10 |
+ ErrorLogFormat "%{cu}t %M" |
|
11 |
+ </IfVersion> |
|
12 |
+ ErrorLog /var/log/%APACHE_NAME%/heat-api-cfn.log |
|
13 |
+ %SSLENGINE% |
|
14 |
+ %SSLCERTFILE% |
|
15 |
+ %SSLKEYFILE% |
|
16 |
+ |
|
17 |
+ <Directory %HEAT_BIN_DIR%> |
|
18 |
+ <IfVersion >= 2.4> |
|
19 |
+ Require all granted |
|
20 |
+ </IfVersion> |
|
21 |
+ <IfVersion < 2.4> |
|
22 |
+ Order allow,deny |
|
23 |
+ Allow from all |
|
24 |
+ </IfVersion> |
|
25 |
+ </Directory> |
|
26 |
+</VirtualHost> |
0 | 27 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,27 @@ |
0 |
+Listen %PUBLICPORT% |
|
1 |
+ |
|
2 |
+<VirtualHost *:%PUBLICPORT%> |
|
3 |
+ WSGIDaemonProcess heat-api-cloudwatch processes=2 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% |
|
4 |
+ WSGIProcessGroup heat-api-cloudwatch |
|
5 |
+ WSGIScriptAlias / %HEAT_BIN_DIR%/heat-wsgi-api-cloudwatch |
|
6 |
+ WSGIApplicationGroup %{GLOBAL} |
|
7 |
+ WSGIPassAuthorization On |
|
8 |
+ AllowEncodedSlashes On |
|
9 |
+ <IfVersion >= 2.4> |
|
10 |
+ ErrorLogFormat "%{cu}t %M" |
|
11 |
+ </IfVersion> |
|
12 |
+ ErrorLog /var/log/%APACHE_NAME%/heat-api-cloudwatch.log |
|
13 |
+ %SSLENGINE% |
|
14 |
+ %SSLCERTFILE% |
|
15 |
+ %SSLKEYFILE% |
|
16 |
+ |
|
17 |
+ <Directory %HEAT_BIN_DIR%> |
|
18 |
+ <IfVersion >= 2.4> |
|
19 |
+ Require all granted |
|
20 |
+ </IfVersion> |
|
21 |
+ <IfVersion < 2.4> |
|
22 |
+ Order allow,deny |
|
23 |
+ Allow from all |
|
24 |
+ </IfVersion> |
|
25 |
+ </Directory> |
|
26 |
+</VirtualHost> |
0 | 27 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,27 @@ |
0 |
+Listen %PUBLICPORT% |
|
1 |
+ |
|
2 |
+<VirtualHost *:%PUBLICPORT%> |
|
3 |
+ WSGIDaemonProcess heat-api processes=3 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% |
|
4 |
+ WSGIProcessGroup heat-api |
|
5 |
+ WSGIScriptAlias / %HEAT_BIN_DIR%/heat-wsgi-api |
|
6 |
+ WSGIApplicationGroup %{GLOBAL} |
|
7 |
+ WSGIPassAuthorization On |
|
8 |
+ AllowEncodedSlashes On |
|
9 |
+ <IfVersion >= 2.4> |
|
10 |
+ ErrorLogFormat "%{cu}t %M" |
|
11 |
+ </IfVersion> |
|
12 |
+ ErrorLog /var/log/%APACHE_NAME%/heat-api.log |
|
13 |
+ %SSLENGINE% |
|
14 |
+ %SSLCERTFILE% |
|
15 |
+ %SSLKEYFILE% |
|
16 |
+ |
|
17 |
+ <Directory %HEAT_BIN_DIR%> |
|
18 |
+ <IfVersion >= 2.4> |
|
19 |
+ Require all granted |
|
20 |
+ </IfVersion> |
|
21 |
+ <IfVersion < 2.4> |
|
22 |
+ Order allow,deny |
|
23 |
+ Allow from all |
|
24 |
+ </IfVersion> |
|
25 |
+ </Directory> |
|
26 |
+</VirtualHost> |
... | ... |
@@ -16,6 +16,7 @@ |
16 | 16 |
# - install_heat |
17 | 17 |
# - configure_heatclient |
18 | 18 |
# - configure_heat |
19 |
+# - _config_heat_apache_wsgi |
|
19 | 20 |
# - init_heat |
20 | 21 |
# - start_heat |
21 | 22 |
# - stop_heat |
... | ... |
@@ -32,6 +33,9 @@ set +o xtrace |
32 | 32 |
# set up default directories |
33 | 33 |
GITDIR["python-heatclient"]=$DEST/python-heatclient |
34 | 34 |
|
35 |
+# Toggle for deploying Heat-API under HTTPD + mod_wsgi |
|
36 |
+HEAT_USE_MOD_WSGI=${HEAT_USE_MOD_WSGI:-False} |
|
37 |
+ |
|
35 | 38 |
HEAT_DIR=$DEST/heat |
36 | 39 |
HEAT_CFNTOOLS_DIR=$DEST/heat-cfntools |
37 | 40 |
HEAT_TEMPLATES_REPO_DIR=$DEST/heat-templates |
... | ... |
@@ -117,13 +121,17 @@ function configure_heat { |
117 | 117 |
# logging |
118 | 118 |
iniset $HEAT_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
119 | 119 |
iniset $HEAT_CONF DEFAULT use_syslog $SYSLOG |
120 |
- if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then |
|
120 |
+ if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ] && [ "$HEAT_USE_MOD_WSGI" == "False" ] ; then |
|
121 | 121 |
# Add color to logging output |
122 | 122 |
setup_colorized_logging $HEAT_CONF DEFAULT tenant user |
123 | 123 |
fi |
124 | 124 |
|
125 | 125 |
iniset $HEAT_CONF DEFAULT deferred_auth_method $HEAT_DEFERRED_AUTH |
126 | 126 |
|
127 |
+ if [ "$HEAT_USE_MOD_WSGI" == "True" ]; then |
|
128 |
+ _config_heat_apache_wsgi |
|
129 |
+ fi |
|
130 |
+ |
|
127 | 131 |
# NOTE(jamielennox): heat re-uses specific values from the |
128 | 132 |
# keystone_authtoken middleware group and so currently fails when using the |
129 | 133 |
# auth plugin setup. This should be fixed in heat. Heat is also the only |
... | ... |
@@ -211,6 +219,9 @@ function install_heatclient { |
211 | 211 |
function install_heat { |
212 | 212 |
git_clone $HEAT_REPO $HEAT_DIR $HEAT_BRANCH |
213 | 213 |
setup_develop $HEAT_DIR |
214 |
+ if [ "$HEAT_USE_MOD_WSGI" == "True" ]; then |
|
215 |
+ install_apache_wsgi |
|
216 |
+ fi |
|
214 | 217 |
} |
215 | 218 |
|
216 | 219 |
# install_heat_other() - Collect source and prepare |
... | ... |
@@ -226,20 +237,102 @@ function install_heat_other { |
226 | 226 |
# start_heat() - Start running processes, including screen |
227 | 227 |
function start_heat { |
228 | 228 |
run_process h-eng "$HEAT_BIN_DIR/heat-engine --config-file=$HEAT_CONF" |
229 |
- run_process h-api "$HEAT_BIN_DIR/heat-api --config-file=$HEAT_CONF" |
|
230 |
- run_process h-api-cfn "$HEAT_BIN_DIR/heat-api-cfn --config-file=$HEAT_CONF" |
|
231 |
- run_process h-api-cw "$HEAT_BIN_DIR/heat-api-cloudwatch --config-file=$HEAT_CONF" |
|
229 |
+ |
|
230 |
+ # If the site is not enabled then we are in a grenade scenario |
|
231 |
+ local enabled_site_file=$(apache_site_config_for heat-api) |
|
232 |
+ if [ -f ${enabled_site_file} ] && [ "$HEAT_USE_MOD_WSGI" == "True" ]; then |
|
233 |
+ enable_apache_site heat-api |
|
234 |
+ enable_apache_site heat-api-cfn |
|
235 |
+ enable_apache_site heat-api-cloudwatch |
|
236 |
+ restart_apache_server |
|
237 |
+ tail_log heat-api /var/log/$APACHE_NAME/heat-api.log |
|
238 |
+ tail_log heat-api-cfn /var/log/$APACHE_NAME/heat-api-cfn.log |
|
239 |
+ tail_log heat-api-cloudwatch /var/log/$APACHE_NAME/heat-api-cloudwatch.log |
|
240 |
+ else |
|
241 |
+ run_process h-api "$HEAT_BIN_DIR/heat-api --config-file=$HEAT_CONF" |
|
242 |
+ run_process h-api-cfn "$HEAT_BIN_DIR/heat-api-cfn --config-file=$HEAT_CONF" |
|
243 |
+ run_process h-api-cw "$HEAT_BIN_DIR/heat-api-cloudwatch --config-file=$HEAT_CONF" |
|
244 |
+ fi |
|
232 | 245 |
} |
233 | 246 |
|
234 | 247 |
# stop_heat() - Stop running processes |
235 | 248 |
function stop_heat { |
236 | 249 |
# Kill the screen windows |
237 |
- local serv |
|
238 |
- for serv in h-eng h-api h-api-cfn h-api-cw; do |
|
239 |
- stop_process $serv |
|
240 |
- done |
|
250 |
+ stop_process h-eng |
|
251 |
+ |
|
252 |
+ if [ "$HEAT_USE_MOD_WSGI" == "True" ]; then |
|
253 |
+ disable_apache_site heat-api |
|
254 |
+ disable_apache_site heat-api-cfn |
|
255 |
+ disable_apache_site heat-api-cloudwatch |
|
256 |
+ restart_apache_server |
|
257 |
+ else |
|
258 |
+ local serv |
|
259 |
+ for serv in h-api h-api-cfn h-api-cw; do |
|
260 |
+ stop_process $serv |
|
261 |
+ done |
|
262 |
+ fi |
|
263 |
+ |
|
241 | 264 |
} |
242 | 265 |
|
266 |
+# _cleanup_heat_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file |
|
267 |
+function _cleanup_heat_apache_wsgi { |
|
268 |
+ sudo rm -f $(apache_site_config_for heat-api) |
|
269 |
+ sudo rm -f $(apache_site_config_for heat-api-cfn) |
|
270 |
+ sudo rm -f $(apache_site_config_for heat-api-cloudwatch) |
|
271 |
+} |
|
272 |
+ |
|
273 |
+# _config_heat_apache_wsgi() - Set WSGI config files of Heat |
|
274 |
+function _config_heat_apache_wsgi { |
|
275 |
+ |
|
276 |
+ local heat_apache_conf=$(apache_site_config_for heat-api) |
|
277 |
+ local heat_cfn_apache_conf=$(apache_site_config_for heat-api-cfn) |
|
278 |
+ local heat_cloudwatch_apache_conf=$(apache_site_config_for heat-api-cloudwatch) |
|
279 |
+ local heat_ssl="" |
|
280 |
+ local heat_certfile="" |
|
281 |
+ local heat_keyfile="" |
|
282 |
+ local heat_api_port=$HEAT_API_PORT |
|
283 |
+ local heat_cfn_api_port=$HEAT_API_CFN_PORT |
|
284 |
+ local heat_cw_api_port=$HEAT_API_CW_PORT |
|
285 |
+ local venv_path="" |
|
286 |
+ |
|
287 |
+ sudo cp $FILES/apache-heat-api.template $heat_apache_conf |
|
288 |
+ sudo sed -e " |
|
289 |
+ s|%PUBLICPORT%|$heat_api_port|g; |
|
290 |
+ s|%APACHE_NAME%|$APACHE_NAME|g; |
|
291 |
+ s|%HEAT_BIN_DIR%|$HEAT_BIN_DIR|g; |
|
292 |
+ s|%SSLENGINE%|$heat_ssl|g; |
|
293 |
+ s|%SSLCERTFILE%|$heat_certfile|g; |
|
294 |
+ s|%SSLKEYFILE%|$heat_keyfile|g; |
|
295 |
+ s|%USER%|$STACK_USER|g; |
|
296 |
+ s|%VIRTUALENV%|$venv_path|g |
|
297 |
+ " -i $heat_apache_conf |
|
298 |
+ |
|
299 |
+ sudo cp $FILES/apache-heat-api-cfn.template $heat_cfn_apache_conf |
|
300 |
+ sudo sed -e " |
|
301 |
+ s|%PUBLICPORT%|$heat_cfn_api_port|g; |
|
302 |
+ s|%APACHE_NAME%|$APACHE_NAME|g; |
|
303 |
+ s|%HEAT_BIN_DIR%|$HEAT_BIN_DIR|g; |
|
304 |
+ s|%SSLENGINE%|$heat_ssl|g; |
|
305 |
+ s|%SSLCERTFILE%|$heat_certfile|g; |
|
306 |
+ s|%SSLKEYFILE%|$heat_keyfile|g; |
|
307 |
+ s|%USER%|$STACK_USER|g; |
|
308 |
+ s|%VIRTUALENV%|$venv_path|g |
|
309 |
+ " -i $heat_cfn_apache_conf |
|
310 |
+ |
|
311 |
+ sudo cp $FILES/apache-heat-api-cloudwatch.template $heat_cloudwatch_apache_conf |
|
312 |
+ sudo sed -e " |
|
313 |
+ s|%PUBLICPORT%|$heat_cw_api_port|g; |
|
314 |
+ s|%APACHE_NAME%|$APACHE_NAME|g; |
|
315 |
+ s|%HEAT_BIN_DIR%|$HEAT_BIN_DIR|g; |
|
316 |
+ s|%SSLENGINE%|$heat_ssl|g; |
|
317 |
+ s|%SSLCERTFILE%|$heat_certfile|g; |
|
318 |
+ s|%SSLKEYFILE%|$heat_keyfile|g; |
|
319 |
+ s|%USER%|$STACK_USER|g; |
|
320 |
+ s|%VIRTUALENV%|$venv_path|g |
|
321 |
+ " -i $heat_cloudwatch_apache_conf |
|
322 |
+} |
|
323 |
+ |
|
324 |
+ |
|
243 | 325 |
# create_heat_accounts() - Set up common required heat accounts |
244 | 326 |
function create_heat_accounts { |
245 | 327 |
if [[ "$HEAT_STANDALONE" != "True" ]]; then |