openstack/devstack
Code Issues Proposed changes

Use uwsgi for nova when NOVA_USE_MOD_WSGI is not False

Browse Source 
Unless NOVA_USE_MOD_WSGI is False, run nova-api and nova-metadata
using uwsgi.

Because the metadata server is always expected to run on a port and
without a prefix, we have it configured to use uwsgi but not to
proxy from apache: uwsgi listens on the configured port itself.

uwsgi process that listen themselve do not need a socket or to
chmod-socket, so those config lines have been moved to the block
that is also writing proxy configuration for apache.

Because this change only uses uwsgi for nova-api and nova-api-meta,
nova-api-meta is set to default to enabled in stackrc because the
nova-api wsgi application used by wsgi only presents the one service
(osapi_compute).

If NOVA_USE_MOD_WSGI is False and tls_proxy service is enabled,
nova-api is run on an internal port reached via the tls_proxy.

Depends-On: I8ff08d61520ccf04e32dcd02f4cecc39dae823cb
Change-Id: If2d7e363a6541854f2e30c03171bef7a41aff745
This commit is contained in:
Chris Dent
2017-04-18 16:30:14 +00:00
committed by Matthew Treinish
parent 87362e5722
commit b90bb1a461
3 changed files with 40 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/apache
View File

@@ -250,7 +250,6 @@ function write_uwsgi_config {
# always cleanup given that we are using iniset here # always cleanup given that we are using iniset here
rm -rf $file rm -rf $file
iniset "$file" uwsgi wsgi-file "$wsgi" iniset "$file" uwsgi wsgi-file "$wsgi"
iniset "$file" uwsgi socket "$socket"
iniset "$file" uwsgi processes $API_WORKERS iniset "$file" uwsgi processes $API_WORKERS
# This is running standalone # This is running standalone
iniset "$file" uwsgi master true iniset "$file" uwsgi master true
@@ -267,7 +266,6 @@ function write_uwsgi_config {
iniset "$file" uwsgi add-header "Connection: close" iniset "$file" uwsgi add-header "Connection: close"
# This ensures that file descriptors aren't shared between processes. # This ensures that file descriptors aren't shared between processes.
iniset "$file" uwsgi lazy-apps true iniset "$file" uwsgi lazy-apps true
iniset "$file" uwsgi chmod-socket 666
# If we said bind directly to http, then do that and don't start the apache proxy # If we said bind directly to http, then do that and don't start the apache proxy
if [[ -n "$http" ]]; then if [[ -n "$http" ]]; then
@@ -276,6 +274,8 @@ function write_uwsgi_config {
local apache_conf="" local apache_conf=""
apache_conf=$(apache_site_config_for $name) apache_conf=$(apache_site_config_for $name)
echo "SetEnv proxy-sendcl 1" | sudo tee $apache_conf echo "SetEnv proxy-sendcl 1" | sudo tee $apache_conf
iniset "$file" uwsgi socket "$socket"
iniset "$file" uwsgi chmod-socket 666
echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}/\" retry=0 " | sudo tee -a $apache_conf echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}/\" retry=0 " | sudo tee -a $apache_conf
enable_apache_site $name enable_apache_site $name
restart_apache_server restart_apache_server

144
lib/nova
View File

@@ -17,7 +17,6 @@
# #
# - install_nova # - install_nova
# - configure_nova # - configure_nova
# - _config_nova_apache_wsgi
# - create_nova_conf # - create_nova_conf
# - init_nova # - init_nova
# - start_nova # - start_nova
@@ -28,7 +27,6 @@
_XTRACE_LIB_NOVA=$(set +o | grep xtrace) _XTRACE_LIB_NOVA=$(set +o | grep xtrace)
set +o xtrace set +o xtrace
# Defaults # Defaults
# -------- # --------
@@ -56,17 +54,20 @@ NOVA_CELLS_CONF=$NOVA_CONF_DIR/nova-cells.conf
NOVA_FAKE_CONF=$NOVA_CONF_DIR/nova-fake.conf NOVA_FAKE_CONF=$NOVA_CONF_DIR/nova-fake.conf
NOVA_CELLS_DB=${NOVA_CELLS_DB:-nova_cell} NOVA_CELLS_DB=${NOVA_CELLS_DB:-nova_cell}
NOVA_API_DB=${NOVA_API_DB:-nova_api} NOVA_API_DB=${NOVA_API_DB:-nova_api}
NOVA_UWSGI=$NOVA_BIN_DIR/nova-api-wsgi
NOVA_METADATA_UWSGI=$NOVA_BIN_DIR/nova-metadata-wsgi
NOVA_UWSGI_CONF=$NOVA_CONF_DIR/nova-api-uwsgi.ini
NOVA_METADATA_UWSGI_CONF=$NOVA_CONF_DIR/nova-metadata-uwsgi.ini
NOVA_API_PASTE_INI=${NOVA_API_PASTE_INI:-$NOVA_CONF_DIR/api-paste.ini} NOVA_API_PASTE_INI=${NOVA_API_PASTE_INI:-$NOVA_CONF_DIR/api-paste.ini}
if is_suse; then # Toggle for deploying Nova-API under a wsgi server. We default to
NOVA_WSGI_DIR=${NOVA_WSGI_DIR:-/srv/www/htdocs/nova} # true to use UWSGI, but allow False so that fall back to the
else # eventlet server can happen for grenade runs.
NOVA_WSGI_DIR=${NOVA_WSGI_DIR:-/var/www/nova} # NOTE(cdent): We can adjust to remove the eventlet-base api service
fi # after pike, at which time we can stop using NOVA_USE_MOD_WSGI to
# mean "use uwsgi" because we'll be always using uwsgi.
# Toggle for deploying Nova-API under HTTPD + mod_wsgi NOVA_USE_MOD_WSGI=${NOVA_USE_MOD_WSGI:-True}
NOVA_USE_MOD_WSGI=${NOVA_USE_MOD_WSGI:-False}
if is_service_enabled tls-proxy; then if is_service_enabled tls-proxy; then
NOVA_SERVICE_PROTOCOL="https" NOVA_SERVICE_PROTOCOL="https"
@@ -236,66 +237,10 @@ function cleanup_nova {
# cleanup_nova_hypervisor # cleanup_nova_hypervisor
#fi #fi
if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then stop_process "n-api"
_cleanup_nova_apache_wsgi stop_process "n-api-meta"
fi remove_uwsgi_config "$NOVA_UWSGI_CONF" "$NOVA_UWSGI"
} remove_uwsgi_config "$NOVA_METADATA_UWSGI_CONF" "$NOVA_METADATA_UWSGI"
# _cleanup_nova_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file
function _cleanup_nova_apache_wsgi {
sudo rm -f $NOVA_WSGI_DIR/*
sudo rm -f $(apache_site_config_for nova-api)
sudo rm -f $(apache_site_config_for nova-metadata)
}
# _config_nova_apache_wsgi() - Set WSGI config files of Nova API
function _config_nova_apache_wsgi {
sudo mkdir -p $NOVA_WSGI_DIR
local nova_apache_conf
nova_apache_conf=$(apache_site_config_for nova-api)
local nova_metadata_apache_conf
nova_metadata_apache_conf=$(apache_site_config_for nova-metadata)
local nova_ssl=""
local nova_certfile=""
local nova_keyfile=""
local nova_api_port=$NOVA_SERVICE_PORT
local nova_metadata_port=$METADATA_SERVICE_PORT
local venv_path=""
if [[ ${USE_VENV} = True ]]; then
venv_path="python-path=${PROJECT_VENV["nova"]}/lib/$(python_version)/site-packages"
fi
# copy proxy vhost and wsgi helper files
sudo cp $NOVA_DIR/nova/wsgi/nova-api.py $NOVA_WSGI_DIR/nova-api
sudo cp $NOVA_DIR/nova/wsgi/nova-metadata.py $NOVA_WSGI_DIR/nova-metadata
sudo cp $FILES/apache-nova-api.template $nova_apache_conf
sudo sed -e "
s|%PUBLICPORT%|$nova_api_port|g;
s|%APACHE_NAME%|$APACHE_NAME|g;
s|%PUBLICWSGI%|$NOVA_WSGI_DIR/nova-api|g;
s|%SSLENGINE%|$nova_ssl|g;
s|%SSLCERTFILE%|$nova_certfile|g;
s|%SSLKEYFILE%|$nova_keyfile|g;
s|%USER%|$STACK_USER|g;
s|%VIRTUALENV%|$venv_path|g
s|%APIWORKERS%|$API_WORKERS|g
" -i $nova_apache_conf
sudo cp $FILES/apache-nova-metadata.template $nova_metadata_apache_conf
sudo sed -e "
s|%PUBLICPORT%|$nova_metadata_port|g;
s|%APACHE_NAME%|$APACHE_NAME|g;
s|%PUBLICWSGI%|$NOVA_WSGI_DIR/nova-metadata|g;
s|%SSLENGINE%|$nova_ssl|g;
s|%SSLCERTFILE%|$nova_certfile|g;
s|%SSLKEYFILE%|$nova_keyfile|g;
s|%USER%|$STACK_USER|g;
s|%VIRTUALENV%|$venv_path|g
s|%APIWORKERS%|$API_WORKERS|g
" -i $nova_metadata_apache_conf
} }
# configure_nova() - Set config files, create data dirs, etc # configure_nova() - Set config files, create data dirs, etc
@@ -489,7 +434,7 @@ function create_nova_conf {
NOVA_ENABLED_APIS=$(echo $NOVA_ENABLED_APIS | sed "s/,metadata//") NOVA_ENABLED_APIS=$(echo $NOVA_ENABLED_APIS | sed "s/,metadata//")
fi fi
iniset $NOVA_CONF DEFAULT enabled_apis "$NOVA_ENABLED_APIS" iniset $NOVA_CONF DEFAULT enabled_apis "$NOVA_ENABLED_APIS"
if is_service_enabled tls-proxy; then if is_service_enabled tls-proxy && [ "$NOVA_USE_MOD_WSGI" == "False" ]; then
# Set the service port for a proxy to take the original # Set the service port for a proxy to take the original
iniset $NOVA_CONF DEFAULT osapi_compute_listen_port "$NOVA_SERVICE_PORT_INT" iniset $NOVA_CONF DEFAULT osapi_compute_listen_port "$NOVA_SERVICE_PORT_INT"
iniset $NOVA_CONF DEFAULT osapi_compute_link_prefix $NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT iniset $NOVA_CONF DEFAULT osapi_compute_link_prefix $NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT
@@ -524,11 +469,10 @@ function create_nova_conf {
iniset $NOVA_CONF DEFAULT force_config_drive "$FORCE_CONFIG_DRIVE" iniset $NOVA_CONF DEFAULT force_config_drive "$FORCE_CONFIG_DRIVE"
fi fi
# Format logging # Format logging
setup_logging $NOVA_CONF $NOVA_USE_MOD_WSGI setup_logging $NOVA_CONF
if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then write_uwsgi_config "$NOVA_UWSGI_CONF" "$NOVA_UWSGI" "/compute"
_config_nova_apache_wsgi write_uwsgi_config "$NOVA_METADATA_UWSGI_CONF" "$NOVA_METADATA_UWSGI" "" ":${METADATA_SERVICE_PORT}"
fi
if is_service_enabled ceilometer; then if is_service_enabled ceilometer; then
iniset $NOVA_CONF DEFAULT instance_usage_audit "True" iniset $NOVA_CONF DEFAULT instance_usage_audit "True"
@@ -777,10 +721,6 @@ function install_nova {
git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH
setup_develop $NOVA_DIR setup_develop $NOVA_DIR
sudo install -D -m 0644 -o $STACK_USER {$NOVA_DIR/tools/,/etc/bash_completion.d/}nova-manage.bash_completion sudo install -D -m 0644 -o $STACK_USER {$NOVA_DIR/tools/,/etc/bash_completion.d/}nova-manage.bash_completion
if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then
install_apache_wsgi
fi
} }
# start_nova_api() - Start the API process ahead of other things # start_nova_api() - Start the API process ahead of other things
@@ -788,6 +728,7 @@ function start_nova_api {
# Get right service port for testing # Get right service port for testing
local service_port=$NOVA_SERVICE_PORT local service_port=$NOVA_SERVICE_PORT
local service_protocol=$NOVA_SERVICE_PROTOCOL local service_protocol=$NOVA_SERVICE_PROTOCOL
local nova_url
if is_service_enabled tls-proxy; then if is_service_enabled tls-proxy; then
service_port=$NOVA_SERVICE_PORT_INT service_port=$NOVA_SERVICE_PORT_INT
service_protocol="http" service_protocol="http"
@@ -797,29 +738,23 @@ function start_nova_api {
local old_path=$PATH local old_path=$PATH
export PATH=$NOVA_BIN_DIR:$PATH export PATH=$NOVA_BIN_DIR:$PATH
# If the site is not enabled then we are in a grenade scenario if [ "$NOVA_USE_MOD_WSGI" == "False" ]; then
local enabled_site_file
enabled_site_file=$(apache_site_config_for nova-api)
if [ -f ${enabled_site_file} ] && [ "$NOVA_USE_MOD_WSGI" == "True" ]; then
enable_apache_site nova-api
enable_apache_site nova-metadata
restart_apache_server
tail_log nova-api /var/log/$APACHE_NAME/nova-api.log
tail_log nova-metadata /var/log/$APACHE_NAME/nova-metadata.log
else
run_process n-api "$NOVA_BIN_DIR/nova-api" run_process n-api "$NOVA_BIN_DIR/nova-api"
nova_url=$service_protocol://$SERVICE_HOST:$service_port
# Start proxy if tsl enabled
if is_service_enabled tls-proxy; then
start_tls_proxy nova '*' $NOVA_SERVICE_PORT $NOVA_SERVICE_HOST $NOVA_SERVICE_PORT_INT
fi
else
run_process "n-api" "$NOVA_BIN_DIR/uwsgi --ini $NOVA_UWSGI_CONF"
nova_url=$service_protocol://$SERVICE_HOST/compute/v2.1/
fi fi
echo "Waiting for nova-api to start..." echo "Waiting for nova-api to start..."
if ! wait_for_service $SERVICE_TIMEOUT $service_protocol://$SERVICE_HOST:$service_port; then if ! wait_for_service $SERVICE_TIMEOUT $nova_url; then
die $LINENO "nova-api did not start" die $LINENO "nova-api did not start"
fi fi
# Start proxies if enabled
if is_service_enabled tls-proxy; then
start_tls_proxy nova '*' $NOVA_SERVICE_PORT $NOVA_SERVICE_HOST $NOVA_SERVICE_PORT_INT
fi
export PATH=$old_path export PATH=$old_path
} }
@@ -890,7 +825,11 @@ function start_nova_rest {
run_process n-net "$NOVA_BIN_DIR/nova-network --config-file $compute_cell_conf" run_process n-net "$NOVA_BIN_DIR/nova-network --config-file $compute_cell_conf"
run_process n-sch "$NOVA_BIN_DIR/nova-scheduler --config-file $compute_cell_conf" run_process n-sch "$NOVA_BIN_DIR/nova-scheduler --config-file $compute_cell_conf"
run_process n-api-meta "$NOVA_BIN_DIR/nova-api-metadata --config-file $compute_cell_conf" if [ "$NOVA_USE_MOD_WSGI" == "False" ]; then
run_process n-api-meta "$NOVA_BIN_DIR/nova-api-metadata --config-file $compute_cell_conf"
else
run_process n-api-meta "$NOVA_BIN_DIR/uwsgi --ini $NOVA_METADATA_UWSGI_CONF"
fi
run_process n-novnc "$NOVA_BIN_DIR/nova-novncproxy --config-file $api_cell_conf --web $NOVNC_WEB_DIR" run_process n-novnc "$NOVA_BIN_DIR/nova-novncproxy --config-file $api_cell_conf --web $NOVNC_WEB_DIR"
run_process n-xvnc "$NOVA_BIN_DIR/nova-xvpvncproxy --config-file $api_cell_conf" run_process n-xvnc "$NOVA_BIN_DIR/nova-xvpvncproxy --config-file $api_cell_conf"
@@ -921,17 +860,8 @@ function stop_nova_compute {
} }
function stop_nova_rest { function stop_nova_rest {
if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then # Kill the non-compute nova processes
disable_apache_site nova-api for serv in n-api n-api-meta n-net n-sch n-novnc n-xvnc n-cauth n-spice n-cond n-cell n-cell n-sproxy; do
disable_apache_site nova-metadata
restart_apache_server
else
stop_process n-api
fi
# Kill the nova screen windows
# Some services are listed here twice since more than one instance
# of a service may be running in certain configs.
for serv in n-api n-net n-sch n-novnc n-xvnc n-cauth n-spice n-cond n-cell n-cell n-api-meta n-sproxy; do
stop_process $serv stop_process $serv
done done
} }

2
stackrc
View File

@@ -53,7 +53,7 @@ if ! isset ENABLED_SERVICES ; then
# Keystone - nothing works without keystone # Keystone - nothing works without keystone
ENABLED_SERVICES=key ENABLED_SERVICES=key
# Nova - services to support libvirt based openstack clouds # Nova - services to support libvirt based openstack clouds
ENABLED_SERVICES+=,n-api,n-cpu,n-cond,n-sch,n-novnc,n-cauth ENABLED_SERVICES+=,n-api,n-cpu,n-cond,n-sch,n-novnc,n-cauth,n-api-meta
# Placement service needed for Nova # Placement service needed for Nova
ENABLED_SERVICES+=,placement-api,placement-client ENABLED_SERVICES+=,placement-api,placement-client
# Glance services needed for Nova # Glance services needed for Nova