Browse code
Use uwsgi for nova when NOVA_USE_MOD_WSGI is not False
Unless NOVA_USE_MOD_WSGI is False, run nova-api and nova-metadata
using uwsgi.
Because the metadata server is always expected to run on a port and
without a prefix, we have it configured to use uwsgi but not to
proxy from apache: uwsgi listens on the configured port itself.
uwsgi process that listen themselve do not need a socket or to
chmod-socket, so those config lines have been moved to the block
that is also writing proxy configuration for apache.
Because this change only uses uwsgi for nova-api and nova-api-meta,
nova-api-meta is set to default to enabled in stackrc because the
nova-api wsgi application used by wsgi only presents the one service
(osapi_compute).
If NOVA_USE_MOD_WSGI is False and tls_proxy service is enabled,
nova-api is run on an internal port reached via the tls_proxy.
Depends-On: I8ff08d61520ccf04e32dcd02f4cecc39dae823cb
Change-Id: If2d7e363a6541854f2e30c03171bef7a41aff745
Chris Dent authored on 2017/04/19 01:30:14Showing 3 changed files
| ... | ... |
@@ -250,7 +250,6 @@ function write_uwsgi_config {
|
| 250 | 250 |
# always cleanup given that we are using iniset here |
| 251 | 251 |
rm -rf $file |
| 252 | 252 |
iniset "$file" uwsgi wsgi-file "$wsgi" |
| 253 |
- iniset "$file" uwsgi socket "$socket" |
|
| 254 | 253 |
iniset "$file" uwsgi processes $API_WORKERS |
| 255 | 254 |
# This is running standalone |
| 256 | 255 |
iniset "$file" uwsgi master true |
| ... | ... |
@@ -267,7 +266,6 @@ function write_uwsgi_config {
|
| 267 | 267 |
iniset "$file" uwsgi add-header "Connection: close" |
| 268 | 268 |
# This ensures that file descriptors aren't shared between processes. |
| 269 | 269 |
iniset "$file" uwsgi lazy-apps true |
| 270 |
- iniset "$file" uwsgi chmod-socket 666 |
|
| 271 | 270 |
|
| 272 | 271 |
# If we said bind directly to http, then do that and don't start the apache proxy |
| 273 | 272 |
if [[ -n "$http" ]]; then |
| ... | ... |
@@ -276,6 +274,8 @@ function write_uwsgi_config {
|
| 276 | 276 |
local apache_conf="" |
| 277 | 277 |
apache_conf=$(apache_site_config_for $name) |
| 278 | 278 |
echo "SetEnv proxy-sendcl 1" | sudo tee $apache_conf |
| 279 |
+ iniset "$file" uwsgi socket "$socket" |
|
| 280 |
+ iniset "$file" uwsgi chmod-socket 666 |
|
| 279 | 281 |
echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}/\" retry=0 " | sudo tee -a $apache_conf
|
| 280 | 282 |
enable_apache_site $name |
| 281 | 283 |
restart_apache_server |
| ... | ... |
@@ -17,7 +17,6 @@ |
| 17 | 17 |
# |
| 18 | 18 |
# - install_nova |
| 19 | 19 |
# - configure_nova |
| 20 |
-# - _config_nova_apache_wsgi |
|
| 21 | 20 |
# - create_nova_conf |
| 22 | 21 |
# - init_nova |
| 23 | 22 |
# - start_nova |
| ... | ... |
@@ -28,7 +27,6 @@ |
| 28 | 28 |
_XTRACE_LIB_NOVA=$(set +o | grep xtrace) |
| 29 | 29 |
set +o xtrace |
| 30 | 30 |
|
| 31 |
- |
|
| 32 | 31 |
# Defaults |
| 33 | 32 |
# -------- |
| 34 | 33 |
|
| ... | ... |
@@ -56,17 +54,20 @@ NOVA_CELLS_CONF=$NOVA_CONF_DIR/nova-cells.conf |
| 56 | 56 |
NOVA_FAKE_CONF=$NOVA_CONF_DIR/nova-fake.conf |
| 57 | 57 |
NOVA_CELLS_DB=${NOVA_CELLS_DB:-nova_cell}
|
| 58 | 58 |
NOVA_API_DB=${NOVA_API_DB:-nova_api}
|
| 59 |
+NOVA_UWSGI=$NOVA_BIN_DIR/nova-api-wsgi |
|
| 60 |
+NOVA_METADATA_UWSGI=$NOVA_BIN_DIR/nova-metadata-wsgi |
|
| 61 |
+NOVA_UWSGI_CONF=$NOVA_CONF_DIR/nova-api-uwsgi.ini |
|
| 62 |
+NOVA_METADATA_UWSGI_CONF=$NOVA_CONF_DIR/nova-metadata-uwsgi.ini |
|
| 59 | 63 |
|
| 60 | 64 |
NOVA_API_PASTE_INI=${NOVA_API_PASTE_INI:-$NOVA_CONF_DIR/api-paste.ini}
|
| 61 | 65 |
|
| 62 |
-if is_suse; then |
|
| 63 |
- NOVA_WSGI_DIR=${NOVA_WSGI_DIR:-/srv/www/htdocs/nova}
|
|
| 64 |
-else |
|
| 65 |
- NOVA_WSGI_DIR=${NOVA_WSGI_DIR:-/var/www/nova}
|
|
| 66 |
-fi |
|
| 67 |
- |
|
| 68 |
-# Toggle for deploying Nova-API under HTTPD + mod_wsgi |
|
| 69 |
-NOVA_USE_MOD_WSGI=${NOVA_USE_MOD_WSGI:-False}
|
|
| 66 |
+# Toggle for deploying Nova-API under a wsgi server. We default to |
|
| 67 |
+# true to use UWSGI, but allow False so that fall back to the |
|
| 68 |
+# eventlet server can happen for grenade runs. |
|
| 69 |
+# NOTE(cdent): We can adjust to remove the eventlet-base api service |
|
| 70 |
+# after pike, at which time we can stop using NOVA_USE_MOD_WSGI to |
|
| 71 |
+# mean "use uwsgi" because we'll be always using uwsgi. |
|
| 72 |
+NOVA_USE_MOD_WSGI=${NOVA_USE_MOD_WSGI:-True}
|
|
| 70 | 73 |
|
| 71 | 74 |
if is_service_enabled tls-proxy; then |
| 72 | 75 |
NOVA_SERVICE_PROTOCOL="https" |
| ... | ... |
@@ -236,66 +237,10 @@ function cleanup_nova {
|
| 236 | 236 |
# cleanup_nova_hypervisor |
| 237 | 237 |
#fi |
| 238 | 238 |
|
| 239 |
- if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then |
|
| 240 |
- _cleanup_nova_apache_wsgi |
|
| 241 |
- fi |
|
| 242 |
-} |
|
| 243 |
- |
|
| 244 |
-# _cleanup_nova_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file |
|
| 245 |
-function _cleanup_nova_apache_wsgi {
|
|
| 246 |
- sudo rm -f $NOVA_WSGI_DIR/* |
|
| 247 |
- sudo rm -f $(apache_site_config_for nova-api) |
|
| 248 |
- sudo rm -f $(apache_site_config_for nova-metadata) |
|
| 249 |
-} |
|
| 250 |
- |
|
| 251 |
-# _config_nova_apache_wsgi() - Set WSGI config files of Nova API |
|
| 252 |
-function _config_nova_apache_wsgi {
|
|
| 253 |
- sudo mkdir -p $NOVA_WSGI_DIR |
|
| 254 |
- |
|
| 255 |
- local nova_apache_conf |
|
| 256 |
- nova_apache_conf=$(apache_site_config_for nova-api) |
|
| 257 |
- local nova_metadata_apache_conf |
|
| 258 |
- nova_metadata_apache_conf=$(apache_site_config_for nova-metadata) |
|
| 259 |
- local nova_ssl="" |
|
| 260 |
- local nova_certfile="" |
|
| 261 |
- local nova_keyfile="" |
|
| 262 |
- local nova_api_port=$NOVA_SERVICE_PORT |
|
| 263 |
- local nova_metadata_port=$METADATA_SERVICE_PORT |
|
| 264 |
- local venv_path="" |
|
| 265 |
- |
|
| 266 |
- if [[ ${USE_VENV} = True ]]; then
|
|
| 267 |
- venv_path="python-path=${PROJECT_VENV["nova"]}/lib/$(python_version)/site-packages"
|
|
| 268 |
- fi |
|
| 269 |
- |
|
| 270 |
- # copy proxy vhost and wsgi helper files |
|
| 271 |
- sudo cp $NOVA_DIR/nova/wsgi/nova-api.py $NOVA_WSGI_DIR/nova-api |
|
| 272 |
- sudo cp $NOVA_DIR/nova/wsgi/nova-metadata.py $NOVA_WSGI_DIR/nova-metadata |
|
| 273 |
- |
|
| 274 |
- sudo cp $FILES/apache-nova-api.template $nova_apache_conf |
|
| 275 |
- sudo sed -e " |
|
| 276 |
- s|%PUBLICPORT%|$nova_api_port|g; |
|
| 277 |
- s|%APACHE_NAME%|$APACHE_NAME|g; |
|
| 278 |
- s|%PUBLICWSGI%|$NOVA_WSGI_DIR/nova-api|g; |
|
| 279 |
- s|%SSLENGINE%|$nova_ssl|g; |
|
| 280 |
- s|%SSLCERTFILE%|$nova_certfile|g; |
|
| 281 |
- s|%SSLKEYFILE%|$nova_keyfile|g; |
|
| 282 |
- s|%USER%|$STACK_USER|g; |
|
| 283 |
- s|%VIRTUALENV%|$venv_path|g |
|
| 284 |
- s|%APIWORKERS%|$API_WORKERS|g |
|
| 285 |
- " -i $nova_apache_conf |
|
| 286 |
- |
|
| 287 |
- sudo cp $FILES/apache-nova-metadata.template $nova_metadata_apache_conf |
|
| 288 |
- sudo sed -e " |
|
| 289 |
- s|%PUBLICPORT%|$nova_metadata_port|g; |
|
| 290 |
- s|%APACHE_NAME%|$APACHE_NAME|g; |
|
| 291 |
- s|%PUBLICWSGI%|$NOVA_WSGI_DIR/nova-metadata|g; |
|
| 292 |
- s|%SSLENGINE%|$nova_ssl|g; |
|
| 293 |
- s|%SSLCERTFILE%|$nova_certfile|g; |
|
| 294 |
- s|%SSLKEYFILE%|$nova_keyfile|g; |
|
| 295 |
- s|%USER%|$STACK_USER|g; |
|
| 296 |
- s|%VIRTUALENV%|$venv_path|g |
|
| 297 |
- s|%APIWORKERS%|$API_WORKERS|g |
|
| 298 |
- " -i $nova_metadata_apache_conf |
|
| 239 |
+ stop_process "n-api" |
|
| 240 |
+ stop_process "n-api-meta" |
|
| 241 |
+ remove_uwsgi_config "$NOVA_UWSGI_CONF" "$NOVA_UWSGI" |
|
| 242 |
+ remove_uwsgi_config "$NOVA_METADATA_UWSGI_CONF" "$NOVA_METADATA_UWSGI" |
|
| 299 | 243 |
} |
| 300 | 244 |
|
| 301 | 245 |
# configure_nova() - Set config files, create data dirs, etc |
| ... | ... |
@@ -489,7 +434,7 @@ function create_nova_conf {
|
| 489 | 489 |
NOVA_ENABLED_APIS=$(echo $NOVA_ENABLED_APIS | sed "s/,metadata//") |
| 490 | 490 |
fi |
| 491 | 491 |
iniset $NOVA_CONF DEFAULT enabled_apis "$NOVA_ENABLED_APIS" |
| 492 |
- if is_service_enabled tls-proxy; then |
|
| 492 |
+ if is_service_enabled tls-proxy && [ "$NOVA_USE_MOD_WSGI" == "False" ]; then |
|
| 493 | 493 |
# Set the service port for a proxy to take the original |
| 494 | 494 |
iniset $NOVA_CONF DEFAULT osapi_compute_listen_port "$NOVA_SERVICE_PORT_INT" |
| 495 | 495 |
iniset $NOVA_CONF DEFAULT osapi_compute_link_prefix $NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT |
| ... | ... |
@@ -524,11 +469,10 @@ function create_nova_conf {
|
| 524 | 524 |
iniset $NOVA_CONF DEFAULT force_config_drive "$FORCE_CONFIG_DRIVE" |
| 525 | 525 |
fi |
| 526 | 526 |
# Format logging |
| 527 |
- setup_logging $NOVA_CONF $NOVA_USE_MOD_WSGI |
|
| 527 |
+ setup_logging $NOVA_CONF |
|
| 528 | 528 |
|
| 529 |
- if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then |
|
| 530 |
- _config_nova_apache_wsgi |
|
| 531 |
- fi |
|
| 529 |
+ write_uwsgi_config "$NOVA_UWSGI_CONF" "$NOVA_UWSGI" "/compute" |
|
| 530 |
+ write_uwsgi_config "$NOVA_METADATA_UWSGI_CONF" "$NOVA_METADATA_UWSGI" "" ":${METADATA_SERVICE_PORT}"
|
|
| 532 | 531 |
|
| 533 | 532 |
if is_service_enabled ceilometer; then |
| 534 | 533 |
iniset $NOVA_CONF DEFAULT instance_usage_audit "True" |
| ... | ... |
@@ -777,10 +721,6 @@ function install_nova {
|
| 777 | 777 |
git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH |
| 778 | 778 |
setup_develop $NOVA_DIR |
| 779 | 779 |
sudo install -D -m 0644 -o $STACK_USER {$NOVA_DIR/tools/,/etc/bash_completion.d/}nova-manage.bash_completion
|
| 780 |
- |
|
| 781 |
- if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then |
|
| 782 |
- install_apache_wsgi |
|
| 783 |
- fi |
|
| 784 | 780 |
} |
| 785 | 781 |
|
| 786 | 782 |
# start_nova_api() - Start the API process ahead of other things |
| ... | ... |
@@ -788,6 +728,7 @@ function start_nova_api {
|
| 788 | 788 |
# Get right service port for testing |
| 789 | 789 |
local service_port=$NOVA_SERVICE_PORT |
| 790 | 790 |
local service_protocol=$NOVA_SERVICE_PROTOCOL |
| 791 |
+ local nova_url |
|
| 791 | 792 |
if is_service_enabled tls-proxy; then |
| 792 | 793 |
service_port=$NOVA_SERVICE_PORT_INT |
| 793 | 794 |
service_protocol="http" |
| ... | ... |
@@ -797,29 +738,23 @@ function start_nova_api {
|
| 797 | 797 |
local old_path=$PATH |
| 798 | 798 |
export PATH=$NOVA_BIN_DIR:$PATH |
| 799 | 799 |
|
| 800 |
- # If the site is not enabled then we are in a grenade scenario |
|
| 801 |
- local enabled_site_file |
|
| 802 |
- enabled_site_file=$(apache_site_config_for nova-api) |
|
| 803 |
- if [ -f ${enabled_site_file} ] && [ "$NOVA_USE_MOD_WSGI" == "True" ]; then
|
|
| 804 |
- enable_apache_site nova-api |
|
| 805 |
- enable_apache_site nova-metadata |
|
| 806 |
- restart_apache_server |
|
| 807 |
- tail_log nova-api /var/log/$APACHE_NAME/nova-api.log |
|
| 808 |
- tail_log nova-metadata /var/log/$APACHE_NAME/nova-metadata.log |
|
| 809 |
- else |
|
| 800 |
+ if [ "$NOVA_USE_MOD_WSGI" == "False" ]; then |
|
| 810 | 801 |
run_process n-api "$NOVA_BIN_DIR/nova-api" |
| 802 |
+ nova_url=$service_protocol://$SERVICE_HOST:$service_port |
|
| 803 |
+ # Start proxy if tsl enabled |
|
| 804 |
+ if is_service_enabled tls-proxy; then |
|
| 805 |
+ start_tls_proxy nova '*' $NOVA_SERVICE_PORT $NOVA_SERVICE_HOST $NOVA_SERVICE_PORT_INT |
|
| 806 |
+ fi |
|
| 807 |
+ else |
|
| 808 |
+ run_process "n-api" "$NOVA_BIN_DIR/uwsgi --ini $NOVA_UWSGI_CONF" |
|
| 809 |
+ nova_url=$service_protocol://$SERVICE_HOST/compute/v2.1/ |
|
| 811 | 810 |
fi |
| 812 | 811 |
|
| 813 | 812 |
echo "Waiting for nova-api to start..." |
| 814 |
- if ! wait_for_service $SERVICE_TIMEOUT $service_protocol://$SERVICE_HOST:$service_port; then |
|
| 813 |
+ if ! wait_for_service $SERVICE_TIMEOUT $nova_url; then |
|
| 815 | 814 |
die $LINENO "nova-api did not start" |
| 816 | 815 |
fi |
| 817 | 816 |
|
| 818 |
- # Start proxies if enabled |
|
| 819 |
- if is_service_enabled tls-proxy; then |
|
| 820 |
- start_tls_proxy nova '*' $NOVA_SERVICE_PORT $NOVA_SERVICE_HOST $NOVA_SERVICE_PORT_INT |
|
| 821 |
- fi |
|
| 822 |
- |
|
| 823 | 817 |
export PATH=$old_path |
| 824 | 818 |
} |
| 825 | 819 |
|
| ... | ... |
@@ -890,7 +825,11 @@ function start_nova_rest {
|
| 890 | 890 |
run_process n-net "$NOVA_BIN_DIR/nova-network --config-file $compute_cell_conf" |
| 891 | 891 |
|
| 892 | 892 |
run_process n-sch "$NOVA_BIN_DIR/nova-scheduler --config-file $compute_cell_conf" |
| 893 |
- run_process n-api-meta "$NOVA_BIN_DIR/nova-api-metadata --config-file $compute_cell_conf" |
|
| 893 |
+ if [ "$NOVA_USE_MOD_WSGI" == "False" ]; then |
|
| 894 |
+ run_process n-api-meta "$NOVA_BIN_DIR/nova-api-metadata --config-file $compute_cell_conf" |
|
| 895 |
+ else |
|
| 896 |
+ run_process n-api-meta "$NOVA_BIN_DIR/uwsgi --ini $NOVA_METADATA_UWSGI_CONF" |
|
| 897 |
+ fi |
|
| 894 | 898 |
|
| 895 | 899 |
run_process n-novnc "$NOVA_BIN_DIR/nova-novncproxy --config-file $api_cell_conf --web $NOVNC_WEB_DIR" |
| 896 | 900 |
run_process n-xvnc "$NOVA_BIN_DIR/nova-xvpvncproxy --config-file $api_cell_conf" |
| ... | ... |
@@ -921,17 +860,8 @@ function stop_nova_compute {
|
| 921 | 921 |
} |
| 922 | 922 |
|
| 923 | 923 |
function stop_nova_rest {
|
| 924 |
- if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then |
|
| 925 |
- disable_apache_site nova-api |
|
| 926 |
- disable_apache_site nova-metadata |
|
| 927 |
- restart_apache_server |
|
| 928 |
- else |
|
| 929 |
- stop_process n-api |
|
| 930 |
- fi |
|
| 931 |
- # Kill the nova screen windows |
|
| 932 |
- # Some services are listed here twice since more than one instance |
|
| 933 |
- # of a service may be running in certain configs. |
|
| 934 |
- for serv in n-api n-net n-sch n-novnc n-xvnc n-cauth n-spice n-cond n-cell n-cell n-api-meta n-sproxy; do |
|
| 924 |
+ # Kill the non-compute nova processes |
|
| 925 |
+ for serv in n-api n-api-meta n-net n-sch n-novnc n-xvnc n-cauth n-spice n-cond n-cell n-cell n-sproxy; do |
|
| 935 | 926 |
stop_process $serv |
| 936 | 927 |
done |
| 937 | 928 |
} |
| ... | ... |
@@ -53,7 +53,7 @@ if ! isset ENABLED_SERVICES ; then |
| 53 | 53 |
# Keystone - nothing works without keystone |
| 54 | 54 |
ENABLED_SERVICES=key |
| 55 | 55 |
# Nova - services to support libvirt based openstack clouds |
| 56 |
- ENABLED_SERVICES+=,n-api,n-cpu,n-cond,n-sch,n-novnc,n-cauth |
|
| 56 |
+ ENABLED_SERVICES+=,n-api,n-cpu,n-cond,n-sch,n-novnc,n-cauth,n-api-meta |
|
| 57 | 57 |
# Placement service needed for Nova |
| 58 | 58 |
ENABLED_SERVICES+=,placement-api,placement-client |
| 59 | 59 |
# Glance services needed for Nova |