Make curl healthchecks work with internal TLS
Implement a new get_url_from_vhost bash function that parses the given vhost configuration file and returns the URL on which the service can be checked. Change-Id: I071ed26328703df9f272b689af854e3a6a1c9e97 Closes-Bug: #1713689
This commit is contained in:
parent
923658a720
commit
0389eece17
@ -161,7 +161,7 @@ HEALTHCHECK CMD /openstack/healthcheck
|
||||
|
||||
{% block heat_api_cfn_footer %}
|
||||
RUN mkdir -p /openstack && \
|
||||
ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-api-cnf /openstack/healthcheck && \
|
||||
ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-api-cfn /openstack/healthcheck && \
|
||||
chmod -R a+rx /openstack
|
||||
HEALTHCHECK CMD /openstack/healthcheck
|
||||
{% endblock %}
|
||||
|
@ -24,3 +24,16 @@ healthcheck_port () {
|
||||
get_config_val () {
|
||||
crudini --get "$1" "$2" "$3" 2> /dev/null || echo "$4"
|
||||
}
|
||||
|
||||
# apachectl -S is slightly harder to parse and doesn't say if the vhost is serving SSL
|
||||
get_url_from_vhost () {
|
||||
vhost_file=$1
|
||||
server_name=$(awk '/ServerName/ {print $2}' $vhost_file)
|
||||
ssl_enabled=$(awk '/SSLEngine/ {print $2}' $vhost_file)
|
||||
bind_port=$(grep -h "<VirtualHost .*>" $vhost_file | sed 's/<VirtualHost .*:\(.*\)>/\1/')
|
||||
proto=http
|
||||
if [[ $ssl_enabled == "on" ]]; then
|
||||
proto=https
|
||||
fi
|
||||
echo ${proto}://${server_name}:${bind_port}/
|
||||
}
|
||||
|
@ -5,4 +5,5 @@
|
||||
bind_host=$(get_config_val /etc/glance/glance-api.conf DEFAULT bind_host 127.0.0.1)
|
||||
bind_port=$(get_config_val /etc/glance/glance-api.conf DEFAULT bind_port 9292)
|
||||
|
||||
# glance-api is still eventlet
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/
|
||||
|
@ -2,6 +2,5 @@
|
||||
|
||||
. ${HEALTHCHECK_SCRIPTS:-/usr/share/openstack-tripleo-common/healthcheck}/common.sh
|
||||
|
||||
bind_host=$(get_config_val /etc/heat/heat.conf heat_api bind_host 127.0.0.1)
|
||||
bind_port=$(get_config_val /etc/heat/heat.conf heat_api bind_port 8004)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/
|
||||
check_url=$(get_url_from_vhost /etc/httpd/conf.d/10-heat_api_wsgi.conf)
|
||||
healthcheck_curl ${check_url}
|
||||
|
@ -2,6 +2,5 @@
|
||||
|
||||
. ${HEALTHCHECK_SCRIPTS:-/usr/share/openstack-tripleo-common/healthcheck}/common.sh
|
||||
|
||||
bind_host=$(get_config_val /etc/heat/heat.conf heat_api_cfn bind_host 127.0.0.1)
|
||||
bind_port=$(get_config_val /etc/heat/heat.conf heat_api_cfn bind_port 8000)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/
|
||||
check_url=$(get_url_from_vhost /etc/httpd/conf.d/10-heat_api_cfn_wsgi.conf)
|
||||
healthcheck_curl ${check_url}
|
||||
|
@ -2,6 +2,5 @@
|
||||
|
||||
. ${HEALTHCHECK_SCRIPTS:-/usr/share/tripleo-common/healthcheck}/common.sh
|
||||
|
||||
bind_host=$(get_config_val /etc/ironic/ironic.conf api host_ip 127.0.0.1)
|
||||
bind_port=$(get_config_val /etc/ironic/ironic.conf api port 6385)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/
|
||||
check_url=$(get_url_from_vhost /etc/httpd/conf.d/10-ironic_wsgi.conf)
|
||||
healthcheck_curl ${check_url}
|
||||
|
@ -2,6 +2,5 @@
|
||||
|
||||
. ${HEALTHCHECK_SCRIPTS:-/usr/share/openstack-tripleo-common/healthcheck}/common.sh
|
||||
|
||||
bind_host=$(get_config_val /etc/keystone/keystone.conf DEFAULT admin_bind_host 127.0.0.1)
|
||||
bind_port=$(get_config_val /etc/keystone/keystone.conf DEFAULT admin_port 5000)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/
|
||||
check_url=$(get_url_from_vhost /etc/httpd/conf.d/10-keystone_wsgi_admin.conf)
|
||||
healthcheck_curl ${check_url}
|
||||
|
@ -2,6 +2,5 @@
|
||||
|
||||
. ${HEALTHCHECK_SCRIPTS:-/usr/share/openstack-tripleo-common/healthcheck}/common.sh
|
||||
|
||||
bind_host=$(get_config_val /etc/keystone/keystone.conf DEFAULT public_bind_host 127.0.0.1)
|
||||
bind_port=$(get_config_val /etc/keystone/keystone.conf DEFAULT public_port 5000)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/
|
||||
check_url=$(get_url_from_vhost /etc/httpd/conf.d/10-keystone_wsgi_main.conf)
|
||||
healthcheck_curl ${check_url}
|
||||
|
@ -2,6 +2,5 @@
|
||||
|
||||
. ${HEALTHCHECK_SCRIPTS:-/usr/share/openstack-tripleo-common/healthcheck}/common.sh
|
||||
|
||||
bind_host=$(get_config_val /etc/nova/nova.conf DEFAULT osapi_compute_listen 127.0.0.1)
|
||||
bind_port=$(get_config_val /etc/nova/nova.conf DEFAULT osapi_compute_listen_port 8774)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/
|
||||
check_url=$(get_url_from_vhost /etc/httpd/conf.d/10-nova_api_wsgi.conf)
|
||||
healthcheck_curl ${check_url}
|
||||
|
@ -9,6 +9,7 @@ if ! crudini --get $conf pipeline:main pipeline | grep -q healthcheck; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# swift-account-server is still eventlet
|
||||
bind_host=$(get_config_val $conf DEFAULT bind_ip 127.0.0.1)
|
||||
bind_port=$(get_config_val $conf DEFAULT bind_port 6002)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/healthcheck
|
||||
|
@ -9,6 +9,7 @@ if ! crudini --get $conf pipeline:main pipeline | grep -q healthcheck; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# swift-container-server is still eventlet
|
||||
bind_host=$(get_config_val $conf DEFAULT bind_ip 127.0.0.1)
|
||||
bind_port=$(get_config_val $conf DEFAULT bind_port 6001)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/healthcheck
|
||||
|
@ -9,6 +9,7 @@ if ! crudini --get $conf pipeline:main pipeline | grep -q healthcheck; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# swift-object-server is still eventlet
|
||||
bind_host=$(get_config_val $conf DEFAULT bind_ip 127.0.0.1)
|
||||
bind_port=$(get_config_val $conf DEFAULT bind_port 6000)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/healthcheck
|
||||
|
@ -9,6 +9,7 @@ if ! crudini --get $conf pipeline:main pipeline | grep -q healthcheck; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# swift-proxy is still eventlet
|
||||
bind_host=$(get_config_val $conf DEFAULT bind_ip 127.0.0.1)
|
||||
bind_port=$(get_config_val $conf DEFAULT bind_port 8080)
|
||||
healthcheck_curl http://${bind_host}:${bind_port}/healthcheck
|
||||
|
Loading…
Reference in New Issue
Block a user