diff --git a/README.md b/README.md index 3a47fc3b71..46d3f96a9f 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,13 @@ Example (Qpid): ENABLED_SERVICES="$ENABLED_SERVICES,-rabbit,-zeromq,qpid" +# Apache Frontend + +Apache web server is enabled for wsgi services by setting `APACHE_ENABLED_SERVICES` in your localrc. But remember to enable these services at first as above. + +Example: + APACHE_ENABLED_SERVICES+=keystone,swift + # Swift Swift is disabled by default. When enabled, it is configured with diff --git a/lib/apache b/lib/apache new file mode 100644 index 0000000000..a2b0534d16 --- /dev/null +++ b/lib/apache @@ -0,0 +1,118 @@ +# lib/apache +# Functions to control configuration and operation of apache web server + +# Dependencies: +# ``functions`` file +# is_apache_enabled_service +# change_apache_user_group +# install_apache_wsgi +# config_apache_wsgi +# start_apache_server +# stop_apache_server +# restart_apache_server + +# Save trace setting +XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Allow overriding the default Apache user and group, default to +# current user and his default group. +APACHE_USER=${APACHE_USER:-$USER} +APACHE_GROUP=${APACHE_GROUP:-$(id -gn $APACHE_USER)} + + +# Set up apache name and configuration directory +if is_ubuntu; then + APACHE_NAME=apache2 + APACHE_CONF_DIR=sites-available +elif is_fedora; then + APACHE_NAME=httpd + APACHE_CONF_DIR=conf.d +elif is_suse; then + APACHE_NAME=apache2 + APACHE_CONF_DIR=vhosts.d +fi + +# Functions +# --------- + +# is_apache_enabled_service() checks if the service(s) specified as arguments are +# apache enabled by the user in ``APACHE_ENABLED_SERVICES`` as web front end. +# +# Multiple services specified as arguments are ``OR``'ed together; the test +# is a short-circuit boolean, i.e it returns on the first match. +# +# Uses global ``APACHE_ENABLED_SERVICES`` +# APACHE_ENABLED_SERVICES service [service ...] +function is_apache_enabled_service() { + services=$@ + for service in ${services}; do + [[ ,${APACHE_ENABLED_SERVICES}, =~ ,${service}, ]] && return 0 + done + return 1 +} + +# change_apache_user_group() - Change the User/Group to run Apache server +function change_apache_user_group(){ + local stack_user=$@ + if is_ubuntu; then + sudo sed -e " + s/^export APACHE_RUN_USER=.*/export APACHE_RUN_USER=${stack_user}/g; + s/^export APACHE_RUN_GROUP=.*/export APACHE_RUN_GROUP=${stack_user}/g + " -i /etc/${APACHE_NAME}/envvars + elif is_fedora; then + sudo sed -e " + s/^User .*/User ${stack_user}/g; + s/^Group .*/Group ${stack_user}/g + " -i /etc/${APACHE_NAME}/httpd.conf + elif is_suse; then + sudo sed -e " + s/^User .*/User ${stack_user}/g; + s/^Group .*/Group ${stack_user}/g + " -i /etc/${APACHE_NAME}/uid.conf + else + exit_distro_not_supported "apache user and group" + fi +} + +# install_apache_wsgi() - Install Apache server and wsgi module +function install_apache_wsgi() { + # Apache installation, because we mark it NOPRIME + if is_ubuntu; then + # Install apache2, which is NOPRIME'd + install_package apache2 libapache2-mod-wsgi + elif is_fedora; then + sudo rm -f /etc/httpd/conf.d/000-* + install_package httpd mod_wsgi + elif is_suse; then + install_package apache2 apache2-mod_wsgi + else + exit_distro_not_supported "apache installation" + fi +} + +# start_apache_server() - Start running apache server +function start_apache_server() { + start_service $APACHE_NAME +} + +# stop_apache_server() - Stop running apache server +function stop_apache_server() { + if [ -n "$APACHE_NAME" ]; then + stop_service $APACHE_NAME + else + exit_distro_not_supported "apache configuration" + fi +} + +# restart_apache_server +function restart_apache_server() { + restart_service $APACHE_NAME +} + +# Restore xtrace +$XTRACE + +# Local variables: +# mode: shell-script +# End: diff --git a/lib/horizon b/lib/horizon index f88247cd00..89bd65901c 100644 --- a/lib/horizon +++ b/lib/horizon @@ -4,6 +4,7 @@ # Dependencies: # ``functions`` file +# ``apache`` file # ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined # @@ -33,23 +34,6 @@ HORIZON_DIR=$DEST/horizon # The example file in Horizon repo is used by default. HORIZON_SETTINGS=${HORIZON_SETTINGS:-$HORIZON_DIR/openstack_dashboard/local/local_settings.py.example} -# Allow overriding the default Apache user and group, default to -# current user and his default group. -APACHE_USER=${APACHE_USER:-$USER} -APACHE_GROUP=${APACHE_GROUP:-$(id -gn $APACHE_USER)} - -# Set up service name and configuration path -if is_ubuntu; then - APACHE_NAME=apache2 - APACHE_CONF=sites-available/horizon -elif is_fedora; then - APACHE_NAME=httpd - APACHE_CONF=conf.d/horizon.conf -elif is_suse; then - APACHE_NAME=apache2 - APACHE_CONF=vhosts.d/horizon.conf -fi - # Functions # --------- @@ -122,11 +106,12 @@ function init_horizon() { sudo mkdir -p $HORIZON_DIR/.blackhole HORIZON_REQUIRE='' + local horizon_conf=/etc/$APACHE_NAME/$APACHE_CONF_DIR/horizon if is_ubuntu; then # Clean up the old config name sudo rm -f /etc/apache2/sites-enabled/000-default # Be a good citizen and use the distro tools here - sudo touch /etc/$APACHE_NAME/$APACHE_CONF + sudo touch $horizon_conf sudo a2ensite horizon # WSGI isn't enabled by default, enable it sudo a2enmod wsgi @@ -156,23 +141,13 @@ function init_horizon() { s,%APACHE_NAME%,$APACHE_NAME,g; s,%DEST%,$DEST,g; s,%HORIZON_REQUIRE%,$HORIZON_REQUIRE,g; - \" $FILES/apache-horizon.template >/etc/$APACHE_NAME/$APACHE_CONF" + \" $FILES/apache-horizon.template >$horizon_conf" } # install_horizon() - Collect source and prepare function install_horizon() { # Apache installation, because we mark it NOPRIME - if is_ubuntu; then - # Install apache2, which is NOPRIME'd - install_package apache2 libapache2-mod-wsgi - elif is_fedora; then - sudo rm -f /etc/httpd/conf.d/000-* - install_package httpd mod_wsgi - elif is_suse; then - install_package apache2 apache2-mod_wsgi - else - exit_distro_not_supported "apache installation" - fi + install_apache_wsgi # NOTE(sdague) quantal changed the name of the node binary if is_ubuntu; then @@ -188,17 +163,13 @@ function install_horizon() { # start_horizon() - Start running processes, including screen function start_horizon() { - restart_service $APACHE_NAME + restart_apache_server screen_it horizon "cd $HORIZON_DIR && sudo tail -f /var/log/$APACHE_NAME/horizon_error.log" } # stop_horizon() - Stop running processes (non-screen) function stop_horizon() { - if [ -n "$APACHE_NAME" ]; then - stop_service $APACHE_NAME - else - exit_distro_not_supported "apache configuration" - fi + stop_apache_server } diff --git a/lib/swift b/lib/swift index e53d674666..c93b8b3923 100644 --- a/lib/swift +++ b/lib/swift @@ -3,6 +3,7 @@ # Dependencies: # ``functions`` file +# ``apache`` file # ``DEST``, ``SCREEN_NAME``, `SWIFT_HASH` must be defined # ``STACK_USER`` must be defined # ``SWIFT_DATA_DIR`` or ``DATA_DIR`` must be defined @@ -10,11 +11,13 @@ # ``stack.sh`` calls the entry points in this order: # # install_swift +# _config_swift_apache_wsgi # configure_swift # init_swift # start_swift # stop_swift # cleanup_swift +# _cleanup_swift_apache_wsgi # Save trace setting XTRACE=$(set +o | grep xtrace) @@ -28,6 +31,7 @@ set +o xtrace SWIFT_DIR=$DEST/swift SWIFTCLIENT_DIR=$DEST/python-swiftclient SWIFT_AUTH_CACHE_DIR=${SWIFT_AUTH_CACHE_DIR:-/var/cache/swift} +SWIFT_APACHE_WSGI_DIR=${SWIFT_APACHE_WSGI_DIR:-/var/www/swift} SWIFT3_DIR=$DEST/swift3 # TODO: add logging to different location. @@ -97,6 +101,103 @@ function cleanup_swift() { rm ${SWIFT_DATA_DIR}/drives/images/swift.img fi rm -rf ${SWIFT_DATA_DIR}/run/ + if is_apache_enabled_service swift; then + _cleanup_swift_apache_wsgi + fi +} + +# _cleanup_swift_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file +function _cleanup_swift_apache_wsgi() { + sudo rm -f $SWIFT_APACHE_WSGI_DIR/*.wsgi + ! is_fedora && sudo a2dissite proxy-server + for node_number in ${SWIFT_REPLICAS_SEQ}; do + for type in object container account; do + site_name=${type}-server-${node_number} + ! is_fedora && sudo a2dissite ${site_name} + sudo rm -f /etc/$APACHE_NAME/$APACHE_CONF_DIR/${site_name} + done + done +} + +# _config_swift_apache_wsgi() - Set WSGI config files of Swift +function _config_swift_apache_wsgi() { + sudo mkdir -p ${SWIFT_APACHE_WSGI_DIR} + local apache_vhost_dir=/etc/${APACHE_NAME}/$APACHE_CONF_DIR + local proxy_port=${SWIFT_DEFAULT_BIND_PORT:-8080} + + # copy proxy vhost and wsgi file + sudo cp ${SWIFT_DIR}/examples/apache2/proxy-server.template ${apache_vhost_dir}/proxy-server + sudo sed -e " + /^#/d;/^$/d; + s/%PORT%/$proxy_port/g; + s/%SERVICENAME%/proxy-server/g; + s/%APACHE_NAME%/${APACHE_NAME}/g; + " -i ${apache_vhost_dir}/proxy-server + + sudo cp ${SWIFT_DIR}/examples/wsgi/proxy-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/proxy-server.wsgi + sudo sed -e " + /^#/d;/^$/d; + s/%SERVICECONF%/proxy-server.conf/g; + " -i ${SWIFT_APACHE_WSGI_DIR}/proxy-server.wsgi + ! is_fedora && sudo a2ensite proxy-server + + # copy apache vhost file and set name and port + for node_number in ${SWIFT_REPLICAS_SEQ}; do + object_port=$[OBJECT_PORT_BASE + 10 * ($node_number - 1)] + container_port=$[CONTAINER_PORT_BASE + 10 * ($node_number - 1)] + account_port=$[ACCOUNT_PORT_BASE + 10 * ($node_number - 1)] + + sudo cp ${SWIFT_DIR}/examples/apache2/object-server.template ${apache_vhost_dir}/object-server-${node_number} + sudo sed -e " + s/%PORT%/$object_port/g; + s/%SERVICENAME%/object-server-${node_number}/g; + s/%APACHE_NAME%/${APACHE_NAME}/g; + " -i ${apache_vhost_dir}/object-server-${node_number} + ! is_fedora && sudo a2ensite object-server-${node_number} + + sudo cp ${SWIFT_DIR}/examples/wsgi/object-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/object-server-${node_number}.wsgi + sudo sed -e " + /^#/d;/^$/d; + s/%SERVICECONF%/object-server\/${node_number}.conf/g; + " -i ${SWIFT_APACHE_WSGI_DIR}/object-server-${node_number}.wsgi + + sudo cp ${SWIFT_DIR}/examples/apache2/container-server.template ${apache_vhost_dir}/container-server-${node_number} + sudo sed -e " + /^#/d;/^$/d; + s/%PORT%/$container_port/g; + s/%SERVICENAME%/container-server-${node_number}/g; + s/%APACHE_NAME%/${APACHE_NAME}/g; + " -i ${apache_vhost_dir}/container-server-${node_number} + ! is_fedora && sudo a2ensite container-server-${node_number} + + sudo cp ${SWIFT_DIR}/examples/wsgi/container-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/container-server-${node_number}.wsgi + sudo sed -e " + /^#/d;/^$/d; + s/%SERVICECONF%/container-server\/${node_number}.conf/g; + " -i ${SWIFT_APACHE_WSGI_DIR}/container-server-${node_number}.wsgi + + sudo cp ${SWIFT_DIR}/examples/apache2/account-server.template ${apache_vhost_dir}/account-server-${node_number} + sudo sed -e " + /^#/d;/^$/d; + s/%PORT%/$account_port/g; + s/%SERVICENAME%/account-server-${node_number}/g; + s/%APACHE_NAME%/${APACHE_NAME}/g; + " -i ${apache_vhost_dir}/account-server-${node_number} + ! is_fedora && sudo a2ensite account-server-${node_number} + + sudo cp ${SWIFT_DIR}/examples/wsgi/account-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/account-server-${node_number}.wsgi + sudo sed -e " + /^#/d;/^$/d; + s/%SERVICECONF%/account-server\/${node_number}.conf/g; + " -i ${SWIFT_APACHE_WSGI_DIR}/account-server-${node_number}.wsgi + + done + + # run apache server as stack user + change_apache_user_group ${STACK_USER} + + # WSGI isn't enabled by default, enable it + ! is_fedora && sudo a2enmod wsgi } # configure_swift() - Set config files, create data dirs and loop image @@ -288,6 +389,9 @@ EOF sudo chown -R $USER:adm ${swift_log_dir} sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \ tee /etc/rsyslog.d/10-swift.conf + if is_apache_enabled_service swift; then + _config_swift_apache_wsgi + fi } # create_swift_disk - Create Swift backing disk @@ -423,6 +527,9 @@ function init_swift() { function install_swift() { git_clone $SWIFT_REPO $SWIFT_DIR $SWIFT_BRANCH setup_develop $SWIFT_DIR + if is_apache_enabled_service swift; then + install_apache_wsgi + fi } function install_swiftclient() { @@ -444,6 +551,22 @@ function start_swift() { sudo systemctl start xinetd.service fi + if is_apache_enabled_service swift; then + # Make sure the apache lock dir is owned by $STACK_USER + # for running apache server to avoid failure of restarting + # apache server due to permission problem. + sudo chown -R $STACK_USER /var/run/lock/$APACHE_NAME + restart_apache_server + swift-init --run-dir=${SWIFT_DATA_DIR}/run rest start + screen_it s-proxy "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/proxy-server" + if [[ ${SWIFT_REPLICAS} == 1 ]]; then + for type in object container account; do + screen_it s-${type} "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/${type}-server-1" + done + fi + return 0 + fi + # By default with only one replica we are launching the proxy, # container, account and object server in screen in foreground and # other services in background. If we have SWIFT_REPLICAS set to something @@ -460,7 +583,7 @@ function start_swift() { done screen_it s-proxy "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-proxy-server ${SWIFT_CONF_DIR}/proxy-server.conf -v" if [[ ${SWIFT_REPLICAS} == 1 ]]; then - for type in object container account;do + for type in object container account; do screen_it s-${type} "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-${type}-server ${SWIFT_CONF_DIR}/${type}-server/1.conf -v" done fi @@ -468,6 +591,11 @@ function start_swift() { # stop_swift() - Stop running processes (non-screen) function stop_swift() { + + if is_apache_enabled_service swift; then + swift-init --run-dir=${SWIFT_DATA_DIR}/run rest stop && return 0 + fi + # screen normally killed by unstack.sh if type -p swift-init >/dev/null; then swift-init --run-dir=${SWIFT_DATA_DIR}/run all stop || true diff --git a/stack.sh b/stack.sh index c5e306ecd9..5ba60d2430 100755 --- a/stack.sh +++ b/stack.sh @@ -298,6 +298,7 @@ SERVICE_TIMEOUT=${SERVICE_TIMEOUT:-60} # ================== # Source project function libraries +source $TOP_DIR/lib/apache source $TOP_DIR/lib/tls source $TOP_DIR/lib/infra source $TOP_DIR/lib/oslo diff --git a/unstack.sh b/unstack.sh index 1e80bf35c7..2268b90458 100755 --- a/unstack.sh +++ b/unstack.sh @@ -24,6 +24,9 @@ source $TOP_DIR/stackrc # Destination path for service data DATA_DIR=${DATA_DIR:-${DEST}/data} +# Import apache functions +source $TOP_DIR/lib/apache + # Get project function libraries source $TOP_DIR/lib/baremetal source $TOP_DIR/lib/cinder