openstack
/
cookbook-openstack-compute
Code Issues Proposed changes

Properly notify apache restarts on configuration updates 

This uses edit_resource to add a notification in the nova-api,
nova-api-metadata and nova-placement-api apache configurations when one
of them gets updated. This is a workaround due to the fact we are using
a version of the apache2 cookbook that is still using definitions and
cannot add notifications with definitions.

This is intended to ensure we only restart apache when the configuration
is updated. Otherwise, the old behaviour was to restart apache on every
run which is problematic in production environments. I have been using
this in our production wrapper cookbook for the past year or so without
any issue.

This will be removed in the Stein release when we migrate to the newer
apache2 cookbook which uses proper resources.

Also amend the Berksfile to point to the new opendev.org location.

Change-Id: I55e6ea4124017e0f44f92f6a2fb01baad5a27555
Signed-off-by: Lance Albertson <lance@osuosl.org>
This commit is contained in:
Lance Albertson 2019-07-07 21:49:07 -07:00 committed by Jens Harbott
parent ff074af903
commit 82c5b9a243
12 changed files with 202 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Berksfile
View File

@ -4,11 +4,11 @@ source 'https://supermarket.chef.io'
if Dir.exist?("../cookbook-openstack-#{cookbook}")
cookbook "openstack-#{cookbook}", path: "../cookbook-openstack-#{cookbook}"
else
cookbook "openstack-#{cookbook}", git: "https://git.openstack.org/openstack/cookbook-openstack-#{cookbook}"
cookbook "openstack-#{cookbook}", git: "https://opendev.org/openstack/cookbook-openstack-#{cookbook}"
end
end
cookbook 'openstackclient',
git: 'https://git.openstack.org/openstack/cookbook-openstackclient'
git: 'https://opendev.org/openstack/cookbook-openstackclient'
metadata

14
recipes/api-metadata.rb
View File

@ -49,6 +49,7 @@ template '/etc/nova/api-paste.ini' do
owner node['openstack']['compute']['user']
group node['openstack']['compute']['group']
mode 0o0644
notifies :run, 'execute[Clear nova-metadata apache restart]', :immediately
end
service 'nova-api-metadata' do
@ -79,8 +80,19 @@ web_app 'nova-metadata' do
ciphers node['openstack']['compute']['metadata']['ssl']['ciphers']
end
# Hack until Apache cookbook has lwrp's for proper use of notify restart
# apache2 after keystone if completely configured. Whenever a nova
# config is updated, have it notify the resource which clears the lock
# so the service can be restarted.
# TODO(ramereth): This should be removed once this cookbook is updated
# to use the newer apache2 cookbook which uses proper resources.
edit_resource(:template, "#{node['apache']['dir']}/sites-available/nova-metadata.conf") do
notifies :run, 'execute[Clear nova-metadata apache restart]', :immediately
end
execute 'nova-metadata apache restart' do
command 'uname'
command "touch #{Chef::Config[:file_cache_path]}/nova-metadata-apache-restarted"
creates "#{Chef::Config[:file_cache_path]}/nova-metadata-apache-restarted"
notifies :run, 'execute[nova-metadata: restore-selinux-context]', :immediately
notifies :restart, 'service[apache2]', :immediately
end

14
recipes/api-os-compute.rb
View File

@ -49,6 +49,7 @@ template '/etc/nova/api-paste.ini' do
owner nova_user
group nova_group
mode 0o0644
notifies :run, 'execute[Clear nova-api apache restart]', :immediately
end
execute 'nova-manage api_db sync' do
@ -89,8 +90,19 @@ end
include_recipe 'openstack-compute::_nova_cell'
# Hack until Apache cookbook has lwrp's for proper use of notify restart
# apache2 after keystone if completely configured. Whenever a nova
# config is updated, have it notify the resource which clears the lock
# so the service can be restarted.
# TODO(ramereth): This should be removed once this cookbook is updated
# to use the newer apache2 cookbook which uses proper resources.
edit_resource(:template, "#{node['apache']['dir']}/sites-available/nova-api.conf") do
notifies :run, 'execute[Clear nova-api apache restart]', :immediately
end
execute 'nova-api apache restart' do
command 'uname'
command "touch #{Chef::Config[:file_cache_path]}/nova-api-apache-restarted"
creates "#{Chef::Config[:file_cache_path]}/nova-api-apache-restarted"
notifies :run, 'execute[nova-api: restore-selinux-context]', :immediately
notifies :restart, 'service[apache2]', :immediately
end

18
recipes/nova-common.rb
View File

@ -193,6 +193,21 @@ end
# merge all config options and secrets to be used in nova.conf
nova_conf_options = merge_config_options 'compute'
execute 'Clear nova-api apache restart' do
command "rm -f #{Chef::Config[:file_cache_path]}/nova-api-apache-restarted"
action :nothing
end
execute 'Clear nova-metadata apache restart' do
command "rm -f #{Chef::Config[:file_cache_path]}/nova-metadata-apache-restarted"
action :nothing
end
execute 'Clear nova-placement-api apache restart' do
command "rm -f #{Chef::Config[:file_cache_path]}/nova-placement-api-apache-restarted"
action :nothing
end
template '/etc/nova/nova.conf' do
source 'openstack-service.conf.erb'
cookbook 'openstack-common'
@ -204,6 +219,9 @@ template '/etc/nova/nova.conf' do
# with the glance_api_servers configuration option...
service_config: nova_conf_options
)
notifies :run, 'execute[Clear nova-api apache restart]', :immediately
notifies :run, 'execute[Clear nova-metadata apache restart]', :immediately
notifies :run, 'execute[Clear nova-placement-api apache restart]', :immediately
end
# delete all secrets saved in the attribute

16
recipes/placement_api.rb
View File

@ -71,3 +71,19 @@ execute 'placement-api: nova-manage api_db sync' do
command 'nova-manage api_db sync'
action :run
end
# Hack until Apache cookbook has lwrp's for proper use of notify restart
# apache2 after keystone if completely configured. Whenever a nova
# config is updated, have it notify the resource which clears the lock
# so the service can be restarted.
# TODO(ramereth): This should be removed once this cookbook is updated
# to use the newer apache2 cookbook which uses proper resources.
edit_resource(:template, "#{node['apache']['dir']}/sites-available/nova-placement-api.conf") do
notifies :run, 'execute[Clear nova-placement-api apache restart]', :immediately
end
execute 'nova-placement-api apache restart' do
command "touch #{Chef::Config[:file_cache_path]}/nova-placement-api-apache-restarted"
creates "#{Chef::Config[:file_cache_path]}/nova-placement-api-apache-restarted"
notifies :restart, 'service[apache2]', :immediately
end

28
spec/api-metadata-redhat_spec.rb
View File

@ -24,5 +24,33 @@ describe 'openstack-compute::api-metadata' do
it 'stops metadata api now' do
expect(chef_run).to stop_service 'nova-api-metadata'
end
it do
expect(chef_run).to nothing_execute('Clear nova-metadata apache restart')
.with(
command: 'rm -f /var/chef/cache/nova-metadata-apache-restarted'
)
end
%w(
/etc/nova/nova.conf
/etc/nova/api-paste.ini
/etc/httpd/sites-available/nova-metadata.conf
).each do |f|
it "#{f} notifies execute[Clear nova-metadata apache restart]" do
expect(chef_run.template(f)).to notify('execute[Clear nova-metadata apache restart]').to(:run).immediately
end
end
it do
expect(chef_run).to run_execute('nova-metadata apache restart')
.with(
command: 'touch /var/chef/cache/nova-metadata-apache-restarted',
creates: '/var/chef/cache/nova-metadata-apache-restarted'
)
end
it do
expect(chef_run.execute('nova-metadata apache restart')).to notify('execute[nova-metadata: restore-selinux-context]').to(:run).immediately
end
it do
expect(chef_run.execute('nova-metadata apache restart')).to notify('service[apache2]').to(:restart).immediately
end
end
end

28
spec/api-metadata_spec.rb
View File

@ -25,5 +25,33 @@ describe 'openstack-compute::api-metadata' do
it 'stop metadata api now' do
expect(chef_run).to stop_service 'nova-api-metadata'
end
it do
expect(chef_run).to nothing_execute('Clear nova-metadata apache restart')
.with(
command: 'rm -f /var/chef/cache/nova-metadata-apache-restarted'
)
end
%w(
/etc/nova/nova.conf
/etc/nova/api-paste.ini
/etc/apache2/sites-available/nova-metadata.conf
).each do |f|
it "#{f} notifies execute[Clear nova-metadata apache restart]" do
expect(chef_run.template(f)).to notify('execute[Clear nova-metadata apache restart]').to(:run).immediately
end
end
it do
expect(chef_run).to run_execute('nova-metadata apache restart')
.with(
command: 'touch /var/chef/cache/nova-metadata-apache-restarted',
creates: '/var/chef/cache/nova-metadata-apache-restarted'
)
end
it do
expect(chef_run.execute('nova-metadata apache restart')).to notify('execute[nova-metadata: restore-selinux-context]').to(:run).immediately
end
it do
expect(chef_run.execute('nova-metadata apache restart')).to notify('service[apache2]').to(:restart).immediately
end
end
end

28
spec/api-os-compute-redhat_spec.rb
View File

@ -32,5 +32,33 @@ describe 'openstack-compute::api-os-compute' do
it 'stops openstack api now' do
expect(chef_run).to stop_service 'openstack-nova-api'
end
it do
expect(chef_run).to nothing_execute('Clear nova-api apache restart')
.with(
command: 'rm -f /var/chef/cache/nova-api-apache-restarted'
)
end
%w(
/etc/nova/nova.conf
/etc/nova/api-paste.ini
/etc/httpd/sites-available/nova-api.conf
).each do |f|
it "#{f} notifies execute[Clear nova-api apache restart]" do
expect(chef_run.template(f)).to notify('execute[Clear nova-api apache restart]').to(:run).immediately
end
end
it do
expect(chef_run).to run_execute('nova-api apache restart')
.with(
command: 'touch /var/chef/cache/nova-api-apache-restarted',
creates: '/var/chef/cache/nova-api-apache-restarted'
)
end
it do
expect(chef_run.execute('nova-api apache restart')).to notify('execute[nova-api: restore-selinux-context]').to(:run).immediately
end
it do
expect(chef_run.execute('nova-api apache restart')).to notify('service[apache2]').to(:restart).immediately
end
end
end

28
spec/api-os-compute_spec.rb
View File

@ -33,5 +33,33 @@ describe 'openstack-compute::api-os-compute' do
it 'stops openstack api now' do
expect(chef_run).to stop_service 'nova-api-os-compute'
end
it do
expect(chef_run).to nothing_execute('Clear nova-api apache restart')
.with(
command: 'rm -f /var/chef/cache/nova-api-apache-restarted'
)
end
%w(
/etc/nova/nova.conf
/etc/nova/api-paste.ini
/etc/apache2/sites-available/nova-api.conf
).each do |f|
it "#{f} notifies execute[Clear nova-api apache restart]" do
expect(chef_run.template(f)).to notify('execute[Clear nova-api apache restart]').to(:run).immediately
end
end
it do
expect(chef_run).to run_execute('nova-api apache restart')
.with(
command: 'touch /var/chef/cache/nova-api-apache-restarted',
creates: '/var/chef/cache/nova-api-apache-restarted'
)
end
it do
expect(chef_run.execute('nova-api apache restart')).to notify('execute[nova-api: restore-selinux-context]').to(:run).immediately
end
it do
expect(chef_run.execute('nova-api apache restart')).to notify('service[apache2]').to(:restart).immediately
end
end
end

3
spec/nova-common_spec.rb
View File

@ -364,7 +364,8 @@ describe 'openstack-compute::nova-common' do
it 'enables nova login' do
expect(chef_run).to run_execute('usermod -s /bin/sh nova')
end
it do
it 'cleans up conf_secrets' do
expect(chef_run).to run_ruby_block("delete all attributes in node['openstack']['compute']['conf_secrets']")
end
end

24
spec/placement_api_spec.rb
View File

@ -30,5 +30,29 @@ describe 'openstack-compute::placement_api' do
it 'disables nova-placement-api service' do
expect(chef_run).to disable_service 'disable nova-placement-api service'
end
it do
expect(chef_run).to nothing_execute('Clear nova-placement-api apache restart')
.with(
command: 'rm -f /var/chef/cache/nova-placement-api-apache-restarted'
)
end
%w(
/etc/nova/nova.conf
/etc/apache2/sites-available/nova-placement-api.conf
).each do |f|
it "#{f} notifies execute[Clear nova-placement-api apache restart]" do
expect(chef_run.template(f)).to notify('execute[Clear nova-placement-api apache restart]').to(:run).immediately
end
end
it do
expect(chef_run).to run_execute('nova-placement-api apache restart')
.with(
command: 'touch /var/chef/cache/nova-placement-api-apache-restarted',
creates: '/var/chef/cache/nova-placement-api-apache-restarted'
)
end
it do
expect(chef_run.execute('nova-placement-api apache restart')).to notify('service[apache2]').to(:restart).immediately
end
end
end

4
spec/spec_helper.rb
View File

@ -12,6 +12,7 @@ RSpec.configure do |config|
config.color = true
config.formatter = :documentation
config.log_level = :fatal
config.file_cache_path = '/var/chef/cache'
end
REDHAT_OPTS = {
@ -21,7 +22,6 @@ REDHAT_OPTS = {
UBUNTU_OPTS = {
platform: 'ubuntu',
version: '16.04',
file_cache_path: Chef::Config[:file_cache_path],
}.freeze
shared_context 'compute_stubs' do
@ -140,7 +140,7 @@ shared_examples 'expect_creates_nova_lock_dir' do
end
shared_examples 'expect_creates_nova_instances_dir' do
it 'creates the /var/lib/nova/lock directory' do
it 'creates the /var/lib/nova/instances directory' do
expect(chef_run).to create_directory('/var/lib/nova/instances').with(
user: 'nova',
group: 'nova',