Apache MPM events + php5 fpm
* Updated site config to change MPM from fork to event model and to start using php5-fpm (fast cgi) to get a better site performance and a better use or server resources. * Updated mysql php driver to newer one (php5-mysqlnd). * Added missing dependencies : php5-json (json functions) and php5-gmp( big number functions used by jose4php). * Replaced puppet-httpd with puppetlabs-apache. * added www.conf to tweak php5-fpm connection settings * update vhost template to support proxy_fcgi. * updated apache connections settings to improve performance on mpm events. * updated dependency to puppetlabs/apache (1.8.1) Change-Id: I66c6ad413a6b0c31a19cc663058a53edc3bec5cc
This commit is contained in:
parent
638c790997
commit
a1c7cc4ed7
|
@ -1,17 +1,11 @@
|
|||
# prefork MPM
|
||||
# StartServers: initial number of server processes to start
|
||||
# MinSpareServers: minimum number of worker threads which are kept spare
|
||||
# MaxSpareServers: maximum number of worker threads which are kept spare
|
||||
# MaxClients: maximum number of simultaneous client connections (MaxClients should always be <= ServerLimit)
|
||||
# ServerLimit:is only used if you need to set MaxClients higher than 256 (default). Do not set the value of this
|
||||
# directive any higher than what you might want to set MaxClients to.
|
||||
# MaxRequestsPerChild: maximum number of requests a server process serves
|
||||
# if you are unable to determine this information the standard 1000 should be used.
|
||||
<IfModule mpm_prefork_module>
|
||||
StartServers 3
|
||||
MinSpareServers 96
|
||||
MaxSpareServers 192
|
||||
MaxClients 1024
|
||||
ServerLimit 1024
|
||||
MaxRequestsPerChild 1000
|
||||
# mpm_event_module
|
||||
<IfModule mpm_event_module>
|
||||
ServerLimit 128
|
||||
StartServers 3
|
||||
MinSpareThreads 96
|
||||
MaxSpareThreads 192
|
||||
ThreadLimit 64
|
||||
ThreadsPerChild 32
|
||||
MaxClients 4096
|
||||
MaxRequestsPerChild 5000
|
||||
</IfModule>
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
[www]
|
||||
|
||||
user = www-data
|
||||
group = www-data
|
||||
listen = 127.0.0.1:9000
|
||||
|
||||
listen.owner = www-data
|
||||
listen.group = www-data
|
||||
|
||||
pm = dynamic
|
||||
pm.max_children = 4096
|
||||
pm.start_servers = 128
|
||||
pm.min_spare_servers = 128
|
||||
pm.max_spare_servers = 256
|
||||
pm.max_requests = 5000
|
||||
chdir = /
|
|
@ -61,6 +61,7 @@ class openstackid (
|
|||
$email_smtp_server_user = '',
|
||||
$email_smtp_server_password = '',
|
||||
$use_db_seeding = false,
|
||||
$docroot = '/srv/openstackid/w/public',
|
||||
) {
|
||||
|
||||
# php packages needed for openid server
|
||||
|
@ -69,13 +70,45 @@ class openstackid (
|
|||
'php5-curl',
|
||||
'php5-cli',
|
||||
'php5-mcrypt',
|
||||
'php5-mysql',
|
||||
'php5-mysqlnd',
|
||||
'php5-fpm',
|
||||
'php5-json',
|
||||
'php5-gmp',
|
||||
]
|
||||
|
||||
package { $php5_packages:
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
# php5-fpm configuration
|
||||
|
||||
exec { 'enable_php5-mbcrypt':
|
||||
command => '/usr/sbin/php5enmod mcrypt',
|
||||
timeout => 0,
|
||||
require => [
|
||||
Package['php5-fpm'],
|
||||
],
|
||||
notify => Service['php5-fpm'],
|
||||
}
|
||||
|
||||
file { '/etc/php5/fpm/pool.d/www.conf':
|
||||
ensure => present,
|
||||
owner => 'root',
|
||||
group => 'www-data',
|
||||
mode => '0640',
|
||||
source => 'puppet:///modules/openstackid/www.conf',
|
||||
require => [
|
||||
Package['php5-fpm'],
|
||||
],
|
||||
notify => Service['php5-fpm'],
|
||||
}
|
||||
|
||||
service { 'php5-fpm':
|
||||
ensure => 'running',
|
||||
enable => true,
|
||||
require => Package['php5-fpm'],
|
||||
}
|
||||
|
||||
# the deploy scripts use the curl CLI
|
||||
package { 'curl':
|
||||
ensure => present,
|
||||
|
@ -191,26 +224,24 @@ class openstackid (
|
|||
mode => '0755',
|
||||
}
|
||||
|
||||
include ::httpd
|
||||
include ::httpd::ssl
|
||||
include ::httpd::php
|
||||
::httpd::vhost { $vhost_name:
|
||||
port => 443,
|
||||
docroot => '/srv/openstackid/w/public',
|
||||
class { '::apache':
|
||||
default_vhost => false,
|
||||
mpm_module => 'event',
|
||||
}
|
||||
|
||||
::apache::listen { '80': }
|
||||
::apache::listen { '443': }
|
||||
|
||||
::apache::vhost::custom { $vhost_name:
|
||||
priority => '50',
|
||||
template => 'openstackid/vhost.erb',
|
||||
ssl => true,
|
||||
content => template('openstackid/vhost.erb'),
|
||||
require => File[$docroot_dirs],
|
||||
}
|
||||
httpd_mod { 'rewrite':
|
||||
ensure => present,
|
||||
}
|
||||
httpd_mod { 'proxy':
|
||||
ensure => present,
|
||||
}
|
||||
httpd_mod { 'proxy_http':
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
class { '::apache::mod::ssl': }
|
||||
class { '::apache::mod::rewrite': }
|
||||
class { '::apache::mod::proxy': }
|
||||
::apache::mod { 'proxy_fcgi': }
|
||||
|
||||
if $ssl_cert_file_contents != '' {
|
||||
file { $ssl_cert_file:
|
||||
|
@ -218,8 +249,8 @@ class openstackid (
|
|||
group => 'root',
|
||||
mode => '0640',
|
||||
content => $ssl_cert_file_contents,
|
||||
notify => Service['httpd'],
|
||||
before => Httpd::Vhost[$vhost_name],
|
||||
notify => Class['::apache::service'],
|
||||
before => Apache::Vhost::Custom[$vhost_name],
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -229,8 +260,8 @@ class openstackid (
|
|||
group => 'root',
|
||||
mode => '0640',
|
||||
content => $ssl_key_file_contents,
|
||||
notify => Service['httpd'],
|
||||
before => Httpd::Vhost[$vhost_name],
|
||||
notify => Class['::apache::service'],
|
||||
before => Apache::Vhost::Custom[$vhost_name],
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -240,8 +271,8 @@ class openstackid (
|
|||
group => 'root',
|
||||
mode => '0640',
|
||||
content => $ssl_chain_file_contents,
|
||||
notify => Service['httpd'],
|
||||
before => Httpd::Vhost[$vhost_name],
|
||||
notify => Class['::apache::service'],
|
||||
before => Apache::Vhost::Custom[$vhost_name],
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -253,20 +284,14 @@ class openstackid (
|
|||
}
|
||||
|
||||
if ($::lsbdistcodename == 'precise') {
|
||||
file { '/etc/apache2/conf.d':
|
||||
ensure => directory,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0755',
|
||||
require => File['/etc/apache2'],
|
||||
}
|
||||
|
||||
file { '/etc/apache2/conf.d/connection-tuning':
|
||||
ensure => present,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
source => 'puppet:///modules/openstackid/apache-connection-tuning',
|
||||
notify => Service['httpd'],
|
||||
notify => Class['::apache::service'],
|
||||
require => File['/etc/apache2/conf.d'],
|
||||
}
|
||||
} else {
|
||||
|
@ -295,7 +320,7 @@ class openstackid (
|
|||
file { '/etc/apache2/conf-enabled/connection-tuning':
|
||||
ensure => link,
|
||||
target => '/etc/apache2/conf-available/connection-tuning.conf',
|
||||
notify => Service['httpd'],
|
||||
notify => Class['::apache::service'],
|
||||
require => [
|
||||
File['/etc/apache2/conf-enabled'],
|
||||
File['/etc/apache2/conf-available/connection-tuning'],
|
||||
|
@ -321,7 +346,7 @@ class openstackid (
|
|||
logoutput => on_failure,
|
||||
require => [
|
||||
File['/opt/deploy/conf.d/openstackid.conf'],
|
||||
Httpd::Vhost[$vhost_name],
|
||||
Apache::Vhost::Custom[$vhost_name],
|
||||
File['/etc/openstackid/recaptcha.php'],
|
||||
File['/etc/openstackid/database.php'],
|
||||
File['/etc/openstackid/log.php'],
|
||||
|
@ -341,7 +366,7 @@ class openstackid (
|
|||
logoutput => on_failure,
|
||||
require => [
|
||||
File['/opt/deploy/conf.d/openstackid.conf'],
|
||||
Httpd::Vhost[$vhost_name],
|
||||
Apache::Vhost::Custom[$vhost_name],
|
||||
File['/etc/openstackid/recaptcha.php'],
|
||||
File['/etc/openstackid/database.php'],
|
||||
File['/etc/openstackid/app.php'],
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
"dependencies": [
|
||||
{ "name": "puppetlabs/stdlib", "version_requirement": ">= 3.2.0" },
|
||||
{ "name": "puppetlabs/mysql", "version_requirement": "= 0.6.1" },
|
||||
{ "name": "openstackinfra/httpd", "version_requirement": "0.x" },
|
||||
{ "name": "puppetlabs/apache", "version_requirement": "= 1.8.1" },
|
||||
{ "name": "openstackinfra/redis", "version_requirement": "= 0.0.1" }
|
||||
]
|
||||
}
|
||||
|
|
|
@ -36,11 +36,15 @@
|
|||
RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("openstackid::vhost_name") %>
|
||||
RewriteRule ^.*$ <%= scope.lookupvar("openstackid::canonicalweburl") %>
|
||||
|
||||
DocumentRoot <%= docroot %>
|
||||
<Directory <%= docroot %>/>
|
||||
DocumentRoot <%= @docroot %>
|
||||
<Directory <%= @docroot %>/>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Directory>
|
||||
|
||||
<FilesMatch \.php$>
|
||||
SetHandler "proxy:fcgi://127.0.0.1:9000"
|
||||
</FilesMatch>
|
||||
|
||||
</VirtualHost>
|
||||
</IfModule>
|
||||
|
|
Loading…
Reference in New Issue