openstack/keystone
Code Issues Proposed changes
keystone/bin/keystone-all
Peter Feiner 3580c2af1b enable multiple keystone-all worker processes 
Fixes bug 1157261.

Since the majority of the work keystone does is cryptographic
calculations and filtering database records, keystone is CPU-bound.
Given that a keystone-all process has only one thread (i.e.,
eventlet's thread), keystone-all's throughput is limited to the
throughput of a single CPU core. To increase keystone-all's
throughput, we need to increase its CPU parallelism, which entails
running more keystone-all processes.

This patch adds two configuration options, public_workers=N and
admin_workers=N, that determine the number of keystone-all processes
that handle requests for keystone's public and admin WSGI applications
respectively.

Note that simply running keystone-all multiple times won't work
because care has to be taken for all of the worker processes to be
using the same socket (i.e., listen() then fork()).

DocImpact

Change-Id: If74f13bc2898e880649ee809967f5b5859b793c6
Co-Authored-By: Stuart McLaren <stuart.mclaren@hp.com>
2014-06-13 10:21:01 +00:00

156 lines
5.1 KiB
Python
Executable File
Raw Blame History

#!/usr/bin/env python
# Copyright 2013 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import logging
import os
import socket
import sys
# If ../keystone/__init__.py exists, add ../ to Python search path, so that
# it will override what happens to be installed in /usr/(local/)lib/python...
possible_topdir = os.path.normpath(os.path.join(os.path.abspath(__file__),
os.pardir,
os.pardir))
if os.path.exists(os.path.join(possible_topdir,
'keystone',
'__init__.py')):
sys.path.insert(0, possible_topdir)
from paste import deploy
import pbr.version
from keystone.openstack.common import gettextutils
# NOTE(dstanek): gettextutils.enable_lazy() must be called before
# gettextutils._() is called to ensure it has the desired lazy lookup
# behavior. This includes cases, like keystone.exceptions, where
# gettextutils._() is called at import time.
gettextutils.enable_lazy()
from keystone import backends
from keystone.common import dependency
from keystone.common import environment
from keystone.common import sql
from keystone.common import utils
from keystone import config
from keystone.openstack.common.gettextutils import _
from keystone.openstack.common import service
from keystone.openstack.common import systemd
CONF = config.CONF
class ServerWrapper(object):
"""Wraps a Server with some launching info & capabilities."""
def __init__(self, server, workers):
self.server = server
self.workers = workers
def launch_with(self, launcher):
self.server.listen()
if self.workers > 1:
# Use multi-process launcher
launcher.launch_service(self.server, self.workers)
else:
# Use single process launcher
launcher.launch_service(self.server)
def create_server(conf, name, host, port, workers):
app = deploy.loadapp('config:%s' % conf, name=name)
server = environment.Server(app, host=host, port=port,
keepalive=CONF.tcp_keepalive,
keepidle=CONF.tcp_keepidle)
if CONF.ssl.enable:
server.set_ssl(CONF.ssl.certfile, CONF.ssl.keyfile,
CONF.ssl.ca_certs, CONF.ssl.cert_required)
return name, ServerWrapper(server, workers)
def serve(*servers):
if max([server[1].workers for server in servers]) > 1:
launcher = service.ProcessLauncher()
else:
launcher = service.ServiceLauncher()
for name, server in servers:
try:
server.launch_with(launcher)
except socket.error:
logging.exception(_('Failed to start the %(name)s server') % {
'name': name})
raise
# notify calling process we are ready to serve
systemd.notify_once()
for name, server in servers:
launcher.wait()
if __name__ == '__main__':
dev_conf = os.path.join(possible_topdir,
'etc',
'keystone.conf')
config_files = None
if os.path.exists(dev_conf):
config_files = [dev_conf]
config.configure()
sql.initialize()
config.set_default_for_default_log_levels()
CONF(project='keystone',
version=pbr.version.VersionInfo('keystone').version_string(),
default_config_files=config_files)
config.setup_logging()
# Log the options used when starting if we're in debug mode...
if CONF.debug:
CONF.log_opt_values(logging.getLogger(CONF.prog), logging.DEBUG)
paste_config = config.find_paste_config()
monkeypatch_thread = not CONF.standard_threads
pydev_debug_url = utils.setup_remote_pydev_debug()
if pydev_debug_url:
# in order to work around errors caused by monkey patching we have to
# set the thread to False. An explanation is here:
# http://lists.openstack.org/pipermail/openstack-dev/2012-August/
# 000794.html
monkeypatch_thread = False
environment.use_eventlet(monkeypatch_thread)
backends.load_backends()
servers = []
servers.append(create_server(paste_config,
'admin',
CONF.admin_bind_host,
int(CONF.admin_port),
CONF.admin_workers))
servers.append(create_server(paste_config,
'main',
CONF.public_bind_host,
int(CONF.public_port),
CONF.public_workers))
dependency.resolve_future_dependencies()
serve(*servers)
View Git Blame Copy Permalink