feat: Replace ironic-api with uWSGI for the API server

Switch ironic API from the built-in ironic-api command to uWSGI,
following the same pattern used by the Magnum chart.

- Add ironic_api_uwsgi config section to values.yaml with uWSGI
  defaults (buffer-size, worker-reload-mercy, thunder-lock, etc.)
- Update _ironic-api.sh.tpl to exec uwsgi with the ini config
  instead of ironic-api --config-file
- Auto-populate uwsgi processes and http-socket from endpoint
  port lookup in configmap-etc.yaml
- Render ironic-api-uwsgi.ini into the ironic-etc Secret
- Mount ironic-api-uwsgi.ini in the API deployment

Change-Id: I9133fb0cfc45dcb78088040e03e3867dfc3bc77d
Signed-off-by: haseeb <syedhaseebahmed12@gmail.com>

ironic/templates/bin/_ironic-api.sh.tpl

@@ -16,15 +16,9 @@ limitations under the License.
 
 set -ex
 COMMAND="${@:-start}"
-{{- if and (.Values.bootstrap.object_store.enabled) (.Values.bootstrap.object_store.openstack.enabled) }}
-OPTIONS=" --config-file /tmp/pod-shared/swift.conf"
-{{- end }}
 
 function start () {
-  exec ironic-api \
-        --config-file /etc/ironic/ironic.conf \
-        ${OPTIONS} \
-        --config-dir /etc/ironic/ironic.conf.d
+  exec uwsgi --ini /etc/ironic/ironic-api-uwsgi.ini
 }
 
 function stop () {

ironic/templates/configmap-etc.yaml

@@ -251,6 +251,15 @@ limitations under the License.
 {{- $_ := set .Values.conf.ironic.api "port" (tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
 {{- end -}}
 
+{{- if empty .Values.conf.ironic_api_uwsgi.uwsgi.processes -}}
+{{- $_ := set .Values.conf.ironic_api_uwsgi.uwsgi "processes" .Values.conf.ironic.api.workers -}}
+{{- end -}}
+{{- if empty (index .Values.conf.ironic_api_uwsgi.uwsgi "http-socket") -}}
+{{- $http_socket_port := tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | toString }}
+{{- $http_socket := printf "0.0.0.0:%s" $http_socket_port }}
+{{- $_ := set .Values.conf.ironic_api_uwsgi.uwsgi "http-socket" $http_socket -}}
+{{- end -}}
+
 {{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
 {{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
 {{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
@@ -275,6 +284,7 @@ metadata:
 type: Opaque
 data:
   ironic.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ironic | b64enc }}
+  ironic-api-uwsgi.ini: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ironic_api_uwsgi | b64enc }}
   logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
   policy.yaml: {{ toYaml .Values.conf.policy | b64enc }}
 {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.tftp_map_file "key" "tftp-map-file" "format" "Secret" ) | indent 2 }}

ironic/templates/deployment-api.yaml

@@ -114,6 +114,10 @@ spec:
               mountPath: /etc/ironic/ironic.conf
               subPath: ironic.conf
               readOnly: true
+            - name: ironic-etc
+              mountPath: /etc/ironic/ironic-api-uwsgi.ini
+              subPath: ironic-api-uwsgi.ini
+              readOnly: true
             - name: ironic-etc-snippets
               mountPath: /etc/ironic/ironic.conf.d/
               readOnly: true

ironic/values.yaml

@@ -212,6 +212,22 @@ conf:
     formatter_default:
       format: "%(message)s"
       datefmt: "%Y-%m-%d %H:%M:%S"
+  ironic_api_uwsgi:
+    uwsgi:
+      add-header: "Connection: close"
+      buffer-size: 65535
+      die-on-term: true
+      enable-threads: true
+      exit-on-reload: false
+      hook-master-start: unix_signal:15 gracefully_kill_them_all
+      lazy-apps: true
+      log-x-forwarded-for: true
+      master: true
+      procname-prefix-spaced: "ironic-api:"
+      route-user-agent: '^kube-probe.* donotlog:'
+      thunder-lock: true
+      worker-reload-mercy: 80
+      wsgi-file: /var/lib/openstack/bin/ironic-api-wsgi
 
 conductor:
   # -- Additional containers to add to the conductor pods