support other components using apache mod_wsgi

Keystone is moving to use apache mod_wsgi instead of standalone eventlet daemon. Packstack should support deployment of keystone using this model. A new command line switch --keystone-service-name is added, and a new config parameter CONFIG_KEYSTONE_SERVICE_NAME is added. If this is set to 'httpd', keystone will be set up to use apache mod_wsgi, otherwise, it will be a standalone eventlet service. There is some common apache configuration that must be done by every module that uses apache. There is a new class in packstack called packstack::apache_common. Each component that uses apache must call "include packstack::apache_common". This ensures that a subsequent component manifest will not wipe out apache configuration created by a previous component manifest or the initial apache configuration created by prescript.pp. Change-Id: I73b853507dffb2540638182f3072e65e4d7ad485 Closes-Bug: #1348732
2014-07-17 16:23:35 -06:00
parent b9cf4bf7e5
commit f47d6501f6
6 changed files with 58 additions and 11 deletions
--- a/packstack/plugins/keystone_100.py
+++ b/packstack/plugins/keystone_100.py
@@ -104,6 +104,19 @@ def initConfig(controller):
         "USE_DEFAULT": True,
         "NEED_CONFIRM": False,
         "CONDITION": False},
+
+        {"CMD_OPTION": "keystone-service-name",
+         "USAGE": "Name of service to use to run keystone (keystone or httpd)",
+         "PROMPT": "Enter the Keystone service name.",
+         "OPTION_LIST": ['keystone', 'httpd'],
+         "VALIDATORS": [validators.validate_options],
+         "DEFAULT_VALUE": "keystone",
+         "MASK_INPUT": False,
+         "LOOSE_VALIDATION": False,
+         "CONF_NAME": 'CONFIG_KEYSTONE_SERVICE_NAME',
+         "USE_DEFAULT": True,
+         "NEED_CONFIRM": False,
+         "CONDITION": False},
    ]
    group = {"GROUP_NAME": "KEYSTONE",
             "DESCRIPTION": "Keystone Config parameters",
--- a/packstack/puppet/modules/packstack/manifests/apache_common.pp
+++ b/packstack/puppet/modules/packstack/manifests/apache_common.pp
@@ -0,0 +1,26 @@
+# Code common to all classes that use Apache
+#
+# This allows multiple modules to safely use ::apache without
+# overwriting existing config or the ports file.
+#
+# Any module that uses apache must include this class
+#   include packstack_apache_common
+class packstack::apache_common {
+  include ::apache::params
+  # make sure the include ::apache in the module
+  # does not overwrite the contents of the config dirs
+  # from a previous module
+  if $::apache::params::confd_dir {
+    File<| title == $::apache::params::confd_dir |> {
+      purge => false,
+    }
+  }
+  # make sure the ports.conf concat fragments from previous
+  # runs are not overwritten by subsequent runs
+  include ::concat::setup
+  $my_safe_name = regsubst($::apache::params::ports_file, '[/:]', '_', 'G')
+  $my_fragdir = "${concat::setup::concatdir}/${my_safe_name}"
+  File<| title == "${my_fragdir}/fragments" |> {
+    purge => false,
+  }
+}
--- a/packstack/puppet/templates/horizon.pp
+++ b/packstack/puppet/templates/horizon.pp
@@ -1,4 +1,4 @@
-include concat::setup
+include packstack::apache_common

 $horizon_packages = ["python-memcached", "python-netaddr"]

--- a/packstack/puppet/templates/keystone.pp
+++ b/packstack/puppet/templates/keystone.pp
@@ -1,3 +1,4 @@
+$keystone_use_ssl = false

 class {"keystone":
    admin_token => "%(CONFIG_KEYSTONE_ADMIN_TOKEN)s",
@@ -6,6 +7,15 @@ class {"keystone":
    verbose => true,
    debug => %(CONFIG_DEBUG_MODE)s,
    mysql_module => '2.2',
+    service_name => '%(CONFIG_KEYSTONE_SERVICE_NAME)s',
+    enable_ssl => $keystone_use_ssl,
+}
+
+if '%(CONFIG_KEYSTONE_SERVICE_NAME)s' == 'httpd' {
+  include packstack::apache_common
+  class {"keystone::wsgi::apache":
+    ssl => $keystone_use_ssl,
+  }
 }

 class {"keystone::roles::admin":
--- a/packstack/puppet/templates/nagios_server.pp
+++ b/packstack/puppet/templates/nagios_server.pp
@@ -1,3 +1,5 @@
+include packstack::apache_common
+
 package{['nagios', 'nagios-plugins-nrpe']:
    ensure => present,
    before => Class['nagios_configs']
@@ -63,11 +65,7 @@ class{'nagios_configs':
    notify => [Service['nagios'], Service['httpd']],
 }

-include concat::setup
-
-class {'apache':
-    purge_configs => false,
-}
+include ::apache
 class {'apache::mod::php': }

 service{['nagios']:
@@ -81,8 +79,3 @@ firewall { '001 nagios incoming':
    dport    => ['80'],
    action   => 'accept',
 }
-
-# ensure that we won't stop listening on 443 if horizon has ssl enabled
-if %(CONFIG_HORIZON_SSL)s {
-    apache::listen { '443': }
-}
--- a/packstack/puppet/templates/prescript.pp
+++ b/packstack/puppet/templates/prescript.pp
@@ -1,4 +1,9 @@
 include firewall
+# This does the initial apache setup for all components that
+# require apache/httpd.
+# Other packstack components that use apache should do
+#   include packstack_apache_common
+include ::apache

 $el_releases = ['RedHat', 'CentOS', 'Scientific']