stackforge/libra
Code Issues Proposed changes

[worker] No longer require sudo for socat.

Browse Source 
If we change the owner of the haproxy stats socket to the same owner
as the worker, we don't need to use sudo (which may be causing some
odd slowness).

Change-Id: I362ef2a14e591f162dcf9571a244dc6d8ff07ff9
This commit is contained in:
David Shrewsbury
2013-06-19 20:47:23 +00:00
parent a795eddf29
commit 14e705b492
4 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
doc/worker/about.rst
View File

@@ -40,7 +40,7 @@ prompted for a password. It is suggested that you run the worker as
the `haproxy` user and `haproxy` group on Ubuntu systems. Then add the the `haproxy` user and `haproxy` group on Ubuntu systems. Then add the
following line to /etc/sudoers:: following line to /etc/sudoers::
%haproxy ALL = NOPASSWD: /usr/sbin/service, /bin/cp, /bin/mv, /bin/rm, /bin/chown, /usr/bin/socat %haproxy ALL = NOPASSWD: /usr/sbin/service, /bin/cp, /bin/mv, /bin/rm, /bin/chown
The above lets everyone in the *haproxy* group run those commands The above lets everyone in the *haproxy* group run those commands
as root without being prompted for a password. as root without being prompted for a password.

1
libra/worker/controller.py
View File

@@ -37,7 +37,6 @@ class LBaaSController(object):
def __init__(self, logger, driver, json_msg): def __init__(self, logger, driver, json_msg):
self.logger = logger self.logger = logger
self.driver = driver self.driver = driver
self.logger.debug("Entered LBaaSController")
self.msg = json_msg self.msg = json_msg
def run(self): def run(self):

17
libra/worker/drivers/haproxy/driver.py
View File

@@ -49,6 +49,7 @@ class HAProxyDriver(LoadBalancerDriver):
Use whatever configuration parameters have been set to generate Use whatever configuration parameters have been set to generate
output suitable for a HAProxy configuration file. output suitable for a HAProxy configuration file.
""" """
stats_socket = "/var/run/haproxy-stats.socket"
output = [] output = []
output.append('global') output.append('global')
output.append(' daemon') output.append(' daemon')
@@ -56,9 +57,19 @@ class HAProxyDriver(LoadBalancerDriver):
output.append(' maxconn 4096') output.append(' maxconn 4096')
output.append(' user haproxy') output.append(' user haproxy')
output.append(' group haproxy') output.append(' group haproxy')
output.append(
' stats socket /var/run/haproxy-stats.socket mode operator' # group can be None, but user cannot
) if self.group is None:
output.append(
' stats socket %s user %s mode operator' %
(stats_socket, self.user)
)
else:
output.append(
' stats socket %s user %s group %s mode operator' %
(stats_socket, self.user, self.group)
)
output.append('defaults') output.append('defaults')
output.append(' log global') output.append(' log global')
output.append(' option dontlognull') output.append(' option dontlognull')

2
libra/worker/drivers/haproxy/query.py
View File

@@ -32,7 +32,7 @@ class HAProxyQuery(object):
Return the output of a successful query as a string with trailing Return the output of a successful query as a string with trailing
newlines removed, or raise an Exception if the query fails. newlines removed, or raise an Exception if the query fails.
""" """
cmd = 'echo "%s" | sudo -n /usr/bin/socat stdio %s' % \ cmd = 'echo "%s" | /usr/bin/socat stdio %s' % \
(query, self.socket) (query, self.socket)
try: try: