From a2fe5e1f0e30714e50f08c786eadcf136ebaae6c Mon Sep 17 00:00:00 2001 From: ricolin Date: Wed, 1 Nov 2023 22:11:55 +0800 Subject: [PATCH] Glance: Support uWSGI for API server Currently Glance API server still using eventlet-based HTTP servers, it is generally considered more performant and flexible to run them using a generic HTTP server that supports WSGI. Change-Id: I7caec5d17f33d35843b4537965bafbb9b73d62ea --- glance/Chart.yaml | 2 +- glance/templates/bin/_glance-api.sh.tpl | 3 +-- glance/templates/configmap-etc.yaml | 10 ++++++++++ glance/templates/deployment-api.yaml | 4 ++++ glance/values.yaml | 26 ++++++++++++++++++++----- glance/values_overrides/tls.yaml | 5 +++-- releasenotes/notes/glance.yaml | 1 + 7 files changed, 41 insertions(+), 10 deletions(-) diff --git a/glance/Chart.yaml b/glance/Chart.yaml index f1b43edbf1..6ba0bb66ee 100644 --- a/glance/Chart.yaml +++ b/glance/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Glance name: glance -version: 0.4.20 +version: 0.4.21 home: https://docs.openstack.org/glance/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Glance/OpenStack_Project_Glance_vertical.png sources: diff --git a/glance/templates/bin/_glance-api.sh.tpl b/glance/templates/bin/_glance-api.sh.tpl index 9d427b60a2..a9018c2b4f 100644 --- a/glance/templates/bin/_glance-api.sh.tpl +++ b/glance/templates/bin/_glance-api.sh.tpl @@ -18,8 +18,7 @@ set -ex COMMAND="${@:-start}" function start () { - exec glance-api \ - --config-file /etc/glance/glance-api.conf + exec uwsgi --ini /etc/glance/glance-api-uwsgi.ini } function stop () { diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml index 0ee260614e..5a5f1c2814 100644 --- a/glance/templates/configmap-etc.yaml +++ b/glance/templates/configmap-etc.yaml @@ -100,6 +100,15 @@ limitations under the License. {{- $_ := tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.glance.DEFAULT "bind_port" -}} {{- end -}} +{{- if empty .Values.conf.glance_api_uwsgi.uwsgi.processes -}} +{{- $_ := set .Values.conf.glance_api_uwsgi.uwsgi "processes" .Values.conf.glance.DEFAULT.workers -}} +{{- end -}} +{{- if empty (index .Values.conf.glance_api_uwsgi.uwsgi "http-socket") -}} +{{- $http_socket_port := tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | toString }} +{{- $http_socket := printf "0.0.0.0:%s" $http_socket_port }} +{{- $_ := set .Values.conf.glance_api_uwsgi.uwsgi "http-socket" $http_socket -}} +{{- end -}} + {{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}} {{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }} {{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }} @@ -141,6 +150,7 @@ type: Opaque data: rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} glance-api.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance | b64enc }} + glance-api-uwsgi.ini: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance_api_uwsgi | b64enc }} logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} glance-api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index e836a61fce..bfeaf26bff 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -214,6 +214,10 @@ spec: mountPath: /etc/glance/glance-api.conf subPath: glance-api.conf readOnly: true + - name: glance-etc + mountPath: /etc/glance/glance-api-uwsgi.ini + subPath: glance-api-uwsgi.ini + readOnly: true {{- if .Values.conf.glance.DEFAULT.log_config_append }} - name: glance-etc mountPath: {{ .Values.conf.glance.DEFAULT.log_config_append }} diff --git a/glance/values.yaml b/glance/values.yaml index 098c46ffbb..d2c3f50415 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -389,6 +389,22 @@ conf: priority: 0 apply-to: all pattern: '^(?!(amq\.|reply_)).*' + glance_api_uwsgi: + uwsgi: + add-header: "Connection: close" + buffer-size: 65535 + die-on-term: true + enable-threads: true + exit-on-reload: false + hook-master-start: unix_signal:15 gracefully_kill_them_all + lazy-apps: true + log-x-forwarded-for: true + master: true + procname-prefix-spaced: "glance-api:" + route-user-agent: '^kube-probe.* donotlog:' + thunder-lock: true + worker-reload-mercy: 80 + wsgi-file: /var/lib/openstack/bin/glance-wsgi-api network: api: @@ -883,14 +899,14 @@ pod: readiness: enabled: true params: - periodSeconds: 15 - timeoutSeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 liveness: enabled: true params: - initialDelaySeconds: 30 - periodSeconds: 15 - timeoutSeconds: 10 + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 resources: enabled: false api: diff --git a/glance/values_overrides/tls.yaml b/glance/values_overrides/tls.yaml index 385f9d054a..d1aa35ad02 100644 --- a/glance/values_overrides/tls.yaml +++ b/glance/values_overrides/tls.yaml @@ -4,8 +4,6 @@ images: nginx: docker.io/nginx:1.18.0 conf: glance: - DEFAULT: - bind_host: 127.0.0.1 keystone_authtoken: cafile: /etc/glance/certs/ca.crt glance_store: @@ -16,6 +14,9 @@ conf: ssl_ca_file: /etc/rabbitmq/certs/ca.crt ssl_cert_file: /etc/rabbitmq/certs/tls.crt ssl_key_file: /etc/rabbitmq/certs/tls.key + glance_api_uwsgi: + uwsgi: + http-socket: 127.0.0.1:9292 nginx: | worker_processes 1; daemon off; diff --git a/releasenotes/notes/glance.yaml b/releasenotes/notes/glance.yaml index 70433f7511..3a36199b7e 100644 --- a/releasenotes/notes/glance.yaml +++ b/releasenotes/notes/glance.yaml @@ -54,4 +54,5 @@ glance: - 0.4.18 Enable custom annotations for Openstack pods - 0.4.19 Add 2024.1 overrides - 0.4.20 Add readiness probe initial delay + - 0.4.21 Use uWSGI ...