x
/
snap-keystone
Code Issues Proposed changes

Add uwsgi+nginx API support 

With this patch we use nginx as the web server for API requests,
and continue to run the keystone API wsgi apps under uwsgi.

Change-Id: I637daec2424ef4c377dac249fcc03f43db70a2fe
This commit is contained in:
Corey Bryant 2017-03-29 11:45:55 +00:00
parent 3394be995d
commit aa96f0f0bc
6 changed files with 87 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
snap/snap-openstack.yaml
View File

@ -4,18 +4,27 @@ setup:
- "/etc/keystone"
- "/etc/keystone/conf.d"
- "/etc/keystone/fernet-keys"
- "/etc/nginx/sites-enabled"
- "/etc/uwsgi"
- "/var/lib/keystone"
- "/var/lib/nginx"
- "/var/lock/keystone"
- "/var/log/keystone"
- "/var/log/uwsgi"
- "/var/log/nginx/keystone"
- "/var/run/keystone"
- "/var/www/keystone"
templates:
keystone-snap.conf.j2: "/etc/keystone/conf.d/keystone-snap.conf"
admin.ini.j2: "/etc/uwsgi/keystone-admin.ini"
public.ini.j2: "/etc/uwsgi/keystone-public.ini"
keystone-nginx.conf.j2: "/etc/nginx/sites-enabled/keystone.conf"
# NOTE(coreycb): drop nginx.conf template when support lands for
# dropping permissions to regular user.
nginx.conf.j2: "/etc/nginx/nginx.conf"
copyfiles:
"{snap}/etc/keystone": "/etc/keystone"
"{snap}/etc/nginx/": "/etc/nginx"
entry_points:
keystone-manage:
binary: keystone-manage
@ -23,7 +32,9 @@ entry_points:
- "/etc/keystone/keystone.conf"
config-dirs:
- "/etc/keystone/conf.d"
keystone-api:
keystone-uwsgi:
type: uwsgi
uwsgi-dir: "/etc/uwsgi"
log-file: "/var/log/uwsgi/keystone.log"
keystone-nginx:
type: nginx

1
snap/templates/admin.ini.j2
View File

@ -2,7 +2,6 @@
wsgi-file = {{ snap }}/bin/keystone-wsgi-admin
uwsgi-socket = /var/run/keystone/admin.sock
buffer-size = 65535
http = 0.0.0.0:35357
master = true
enable-threads = true
processes = 4

20
snap/templates/keystone-nginx.conf.j2 Normal file
View File

@ -0,0 +1,20 @@
server {
listen 5000;
access_log /var/log/nginx/keystone/access.log;
error_log /var/log/nginx/keystone/error.log;
location / {
include uwsgi_params;
uwsgi_param SCRIPT_NAME '';
uwsgi_pass unix:///var/run/keystone/admin.sock;
}
}
server {
listen 35357;
access_log /var/log/nginx/keystone/access.log;
error_log /var/log/nginx/keystone/error.log;
location / {
include uwsgi_params;
uwsgi_param SCRIPT_NAME '';
uwsgi_pass unix:///var/run/keystone/public.sock;
}
}

48
snap/templates/nginx.conf.j2 Normal file
View File

@ -0,0 +1,48 @@
user root;
worker_processes auto;
pid /var/run/nginx/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

1
snap/templates/public.ini.j2
View File

@ -2,7 +2,6 @@
wsgi-file = {{ snap }}/bin/keystone-wsgi-public
uwsgi-socket = /var/run/keystone/public.sock
buffer-size = 65535
http = 0.0.0.0:5000
master = true
enable-threads = true
processes = 4

10
snapcraft.yaml
View File

@ -10,13 +10,16 @@ confinement: classic
grade: devel
environment:
PATH: $PATH:$SNAP/bin/
PATH: $PATH:$SNAP/bin/:$SNAP/usr/sbin
PYTHONPATH: $PYTHONPATH:$SNAP/lib/python2.7/site-packages
apps:
api:
command: snap-openstack keystone-api
uwsgi:
command: snap-openstack keystone-uwsgi
daemon: simple
nginx:
command: snap-openstack keystone-nginx
daemon: forking
manage:
command: snap-openstack keystone-manage
@ -34,6 +37,7 @@ parts:
- gcc
- libffi-dev
- libssl-dev
stage-packages: [nginx]
templates:
after: [keystone]
plugin: dump