From 30612195ab66600b03b537353783f14c0d97bb8b Mon Sep 17 00:00:00 2001 From: "Jesse Pretorius (odyssey4me)" Date: Tue, 13 Mar 2018 11:53:16 +0000 Subject: [PATCH] Revert "Convert role to use a common systemd init role" Until all the roles are ready and have this new role in the ansible-role-requirements, we should not be merging this. We should also ensure that the integrated a-r-r includes this role before merging this. This reverts commit b42eef0dc4b367e05f16a6654dc10aca1f9b7480. Change-Id: I8a944db87948ff783028240d3548016a52ab5af4 --- defaults/main.yml | 20 ++------ handlers/main.yml | 4 +- tasks/keystone_db_setup.yml | 2 +- tasks/keystone_init_systemd.yml | 59 ++++++++++++++++++++++++ tasks/keystone_install.yml | 2 +- tasks/keystone_nginx.yml | 4 +- tasks/keystone_uwsgi.yml | 14 +----- templates/keystone-systemd-tempfiles.j2 | 6 +++ templates/keystone-uwsgi_systemd-init.j2 | 34 ++++++++++++++ tests/ansible-role-requirements.yml | 4 -- 10 files changed, 112 insertions(+), 37 deletions(-) create mode 100644 tasks/keystone_init_systemd.yml create mode 100644 templates/keystone-systemd-tempfiles.j2 create mode 100644 templates/keystone-uwsgi_systemd-init.j2 diff --git a/defaults/main.yml b/defaults/main.yml index b1bcb0f3..a7734969 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -210,7 +210,11 @@ keystone_wsgi_threads: 1 ## Cap the maximun number of processes when a user value is unspecified. keystone_wsgi_processes_max: 16 keystone_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, keystone_wsgi_processes_max] | min }}" - +keystone_wsgi_public_program_name: keystone-wsgi-public +keystone_wsgi_admin_program_name: keystone-wsgi-admin +keystone_wsgi_program_names: + - "{{ keystone_wsgi_public_program_name }}" + - "{{ keystone_wsgi_admin_program_name }}" keystone_uwsgi_ports: keystone-wsgi-public: http: 37358 @@ -218,7 +222,6 @@ keystone_uwsgi_ports: keystone-wsgi-admin: http: 37359 socket: 5001 - keystone_uwsgi_ini_overrides: {} # set keystone_ssl to true to enable SSL configuration on the keystone containers @@ -471,19 +474,6 @@ keystone_required_secrets: keystone_uwsgi_init_overrides: {} -## Service Name-Group Mapping -keystone_services: - keystone-wsgi-public: - service_name: "keystone-wsgi-public" - init_config_overrides: "{{ keystone_uwsgi_init_overrides }}" - program_config_options: "--ini /etc/uwsgi/keystone-wsgi-public.ini" - program_override: "{{ keystone_bin }}/uwsgi" - keystone-wsgi-admin: - service_name: "keystone-wsgi-admin" - init_config_overrides: "{{ keystone_uwsgi_init_overrides }}" - program_config_options: "--ini /etc/uwsgi/keystone-wsgi-admin.ini" - program_override: "{{ keystone_bin }}/uwsgi" - ## Extra HTTP headers for Keystone # Add any additional headers here that Keystone should return. # diff --git a/handlers/main.yml b/handlers/main.yml index 20933d17..5c0e9b1e 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -46,7 +46,7 @@ until: _stop | success retries: 5 delay: 2 - with_items: "{{ keystone_services.keys() }}" + with_items: "{{ keystone_wsgi_program_names }}" listen: "Restart uWSGI" # Note (odyssey4me): @@ -77,7 +77,7 @@ until: _start | success retries: 5 delay: 2 - with_items: "{{ keystone_services.keys() }}" + with_items: "{{ keystone_wsgi_program_names }}" listen: "Restart uWSGI" - name: Wait for uWSGI socket to be ready diff --git a/tasks/keystone_db_setup.yml b/tasks/keystone_db_setup.yml index 467a40a9..bf8951d6 100644 --- a/tasks/keystone_db_setup.yml +++ b/tasks/keystone_db_setup.yml @@ -54,7 +54,7 @@ until: _stop | success retries: 5 delay: 2 - with_items: "{{ keystone_services.keys() }}" + with_items: "{{ keystone_wsgi_program_names }}" when: - "(ansible_local['openstack_ansible']['keystone']['need_db_expand'] | bool) or (ansible_local['openstack_ansible']['keystone']['need_db_migrate'] | bool)" diff --git a/tasks/keystone_init_systemd.yml b/tasks/keystone_init_systemd.yml new file mode 100644 index 00000000..3d9c8ec9 --- /dev/null +++ b/tasks/keystone_init_systemd.yml @@ -0,0 +1,59 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create TEMP run dir + file: + path: "/var/run/{{ item }}" + state: directory + owner: "{{ keystone_system_user_name }}" + group: "{{ keystone_system_group_name }}" + mode: "02755" + with_items: "{{ keystone_wsgi_program_names }}" + +- name: Create TEMP lock dir + file: + path: "/var/lock/{{ item }}" + state: directory + owner: "{{ keystone_system_user_name }}" + group: "{{ keystone_system_group_name }}" + mode: "02755" + with_items: "{{ keystone_wsgi_program_names }}" + +- name: Create tempfile.d entry + template: + src: "keystone-systemd-tempfiles.j2" + dest: "/etc/tmpfiles.d/keystone.conf" + mode: "0644" + owner: "root" + group: "root" + notify: + - Manage LB + - Restart uWSGI + - Restart web server + +- name: Place the systemd init script + config_template: + src: "keystone-uwsgi_systemd-init.j2" + dest: "/etc/systemd/system/{{ item }}.service" + mode: "0644" + owner: "root" + group: "root" + config_overrides: "{{ keystone_uwsgi_init_overrides }}" + config_type: "ini" + with_items: "{{ keystone_wsgi_program_names }}" + notify: + - Manage LB + - Restart uWSGI + - Restart web server diff --git a/tasks/keystone_install.yml b/tasks/keystone_install.yml index 5ba36750..bb6e9375 100644 --- a/tasks/keystone_install.yml +++ b/tasks/keystone_install.yml @@ -58,7 +58,7 @@ name: "{{ (keystone_web_server == 'nginx') | ternary(keystone_system_service_name, 'nginx') }}" enabled: no state: stopped - daemon_reload: "yes" + daemon_reload: "{{ (ansible_service_mgr == 'systemd') | ternary('yes', omit) }}" failed_when: false - name: Remove other web server distro packages and mod_wsgi diff --git a/tasks/keystone_nginx.yml b/tasks/keystone_nginx.yml index 3bed21c7..cb5dc63a 100644 --- a/tasks/keystone_nginx.yml +++ b/tasks/keystone_nginx.yml @@ -48,7 +48,7 @@ template: src: keystone_nginx.conf.j2 dest: "/etc/nginx/{{ keystone_nginx_conf_path }}/{{ item }}.conf" - with_items: "{{ keystone_services.keys() }}" + with_items: "{{ keystone_wsgi_program_names }}" notify: - Manage LB - Restart web server @@ -58,7 +58,7 @@ src: "/etc/nginx/sites-available/{{ item }}.conf" path: "/etc/nginx/sites-enabled/{{ item }}.conf" state: link - with_items: "{{ keystone_services.keys() }}" + with_items: "{{ keystone_wsgi_program_names }}" when: ansible_os_family == "Debian" notify: - Manage LB diff --git a/tasks/keystone_uwsgi.yml b/tasks/keystone_uwsgi.yml index 8a9712d7..e961d9a1 100644 --- a/tasks/keystone_uwsgi.yml +++ b/tasks/keystone_uwsgi.yml @@ -25,19 +25,9 @@ mode: "0744" config_overrides: "{{ keystone_uwsgi_ini_overrides }}" config_type: ini - with_items: "{{ keystone_services.keys() }}" + with_items: "{{ keystone_wsgi_program_names }}" notify: - Manage LB - Restart uWSGI -- name: Run the systemd service role - include_role: - name: systemd_service - private: true - vars: - systemd_services: "{{ keystone_services.values() }}" - systemd_tempd_prefix: openstack - systemd_bin_path: "{{ keystone_bin }}" - system_lock_path: /var/lock/keystone - tags: - - keystone-config +- include_tasks: "keystone_init_{{ ansible_service_mgr }}.yml" diff --git a/templates/keystone-systemd-tempfiles.j2 b/templates/keystone-systemd-tempfiles.j2 new file mode 100644 index 00000000..9df02a36 --- /dev/null +++ b/templates/keystone-systemd-tempfiles.j2 @@ -0,0 +1,6 @@ +# {{ ansible_managed }} + +{% for program_name in keystone_wsgi_program_names %} +D /var/lock/{{ program_name }} 2755 {{ keystone_system_user_name }} {{ keystone_system_group_name }} +D /var/run/{{ program_name }} 2755 {{ keystone_system_user_name }} {{ keystone_system_group_name }} +{% endfor %} diff --git a/templates/keystone-uwsgi_systemd-init.j2 b/templates/keystone-uwsgi_systemd-init.j2 new file mode 100644 index 00000000..cb021d96 --- /dev/null +++ b/templates/keystone-uwsgi_systemd-init.j2 @@ -0,0 +1,34 @@ +# {{ ansible_managed }} + +[Unit] +Description=OpenStack Keystone service +After=syslog.target +After=network.target + +[Service] +Type=simple +User={{ keystone_system_user_name }} +Group={{ keystone_system_group_name }} + +{% if program_override is defined %} +ExecStart={{ program_override }} --ini /etc/uwsgi/{{ item }}.ini --logto /var/log/keystone/{{ item }}.log {{ program_config_options|default('') }} +{% else %} +ExecStart={{ keystone_bin }}/uwsgi --ini /etc/uwsgi/{{ item }}.ini --logto /var/log/keystone/{{ item }}.log {{ program_config_options|default('') }} +{% endif %} + +# Give a reasonable amount of time for the server to start up/shut down +TimeoutSec=120 +Restart=on-failure +RestartSec=2 + +# This creates a specific slice which all services will operate from +# The accounting options give us the ability to see resource usage through +# the `systemd-cgtop` command. +Slice=keystone.slice +CPUAccounting=true +BlockIOAccounting=true +MemoryAccounting=false +TasksAccounting=true + +[Install] +WantedBy=multi-user.target diff --git a/tests/ansible-role-requirements.yml b/tests/ansible-role-requirements.yml index 2de20a1b..85b48b09 100644 --- a/tests/ansible-role-requirements.yml +++ b/tests/ansible-role-requirements.yml @@ -50,7 +50,3 @@ src: https://git.openstack.org/openstack/openstack-ansible-os_tempest scm: git version: master -- name: systemd_service - src: https://github.com/cloudnull/ansible-systemd_service - scm: git - version: master