Merge "Revert "Convert role to use a common systemd init role""

defaults/main.yml

@@ -201,7 +201,11 @@ keystone_wsgi_threads: 1
 ## Cap the maximun number of processes when a user value is unspecified.
 keystone_wsgi_processes_max: 16
 keystone_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, keystone_wsgi_processes_max] | min }}"
-
+keystone_wsgi_public_program_name: keystone-wsgi-public
+keystone_wsgi_admin_program_name: keystone-wsgi-admin
+keystone_wsgi_program_names:
+  - "{{ keystone_wsgi_public_program_name }}"
+  - "{{ keystone_wsgi_admin_program_name }}"
 keystone_uwsgi_ports:
   keystone-wsgi-public:
     http: 37358
@@ -209,7 +213,6 @@ keystone_uwsgi_ports:
   keystone-wsgi-admin:
     http: 37359
     socket: 5001
-
 keystone_uwsgi_ini_overrides: {}
 
 # set keystone_ssl to true to enable SSL configuration on the keystone containers
@@ -462,19 +465,6 @@ keystone_required_secrets:
 
 keystone_uwsgi_init_overrides: {}
 
-## Service Name-Group Mapping
-keystone_services:
-  keystone-wsgi-public:
-    service_name: "keystone-wsgi-public"
-    init_config_overrides: "{{ keystone_uwsgi_init_overrides }}"
-    program_config_options: "--ini /etc/uwsgi/keystone-wsgi-public.ini"
-    program_override: "{{ keystone_bin }}/uwsgi"
-  keystone-wsgi-admin:
-    service_name: "keystone-wsgi-admin"
-    init_config_overrides: "{{ keystone_uwsgi_init_overrides }}"
-    program_config_options: "--ini /etc/uwsgi/keystone-wsgi-admin.ini"
-    program_override: "{{ keystone_bin }}/uwsgi"
-
 ## Extra HTTP headers for Keystone
 # Add any additional headers here that Keystone should return.
 #

handlers/main.yml

@@ -46,7 +46,7 @@
   until: _stop | success
   retries: 5
   delay: 2
-  with_items: "{{ keystone_services.keys() }}"
+  with_items: "{{ keystone_wsgi_program_names }}"
   listen: "Restart uWSGI"
 
 # Note (odyssey4me):
@@ -77,7 +77,7 @@
   until: _start | success
   retries: 5
   delay: 2
-  with_items: "{{ keystone_services.keys() }}"
+  with_items: "{{ keystone_wsgi_program_names }}"
   listen: "Restart uWSGI"
 
 - name: Wait for uWSGI socket to be ready

tasks/keystone_db_setup.yml

@@ -54,7 +54,7 @@
   until: _stop | success
   retries: 5
   delay: 2
-  with_items: "{{ keystone_services.keys() }}"
+  with_items: "{{ keystone_wsgi_program_names }}"
   when:
     - "(ansible_local['openstack_ansible']['keystone']['need_db_expand'] | bool) or
        (ansible_local['openstack_ansible']['keystone']['need_db_migrate'] | bool)"

tasks/keystone_init_systemd.yml

@@ -0,0 +1,59 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Create TEMP run dir
+  file:
+    path: "/var/run/{{ item }}"
+    state: directory
+    owner: "{{ keystone_system_user_name }}"
+    group: "{{ keystone_system_group_name }}"
+    mode: "02755"
+  with_items: "{{ keystone_wsgi_program_names }}"
+
+- name: Create TEMP lock dir
+  file:
+    path: "/var/lock/{{ item }}"
+    state: directory
+    owner: "{{ keystone_system_user_name }}"
+    group: "{{ keystone_system_group_name }}"
+    mode: "02755"
+  with_items: "{{ keystone_wsgi_program_names }}"
+
+- name: Create tempfile.d entry
+  template:
+    src: "keystone-systemd-tempfiles.j2"
+    dest: "/etc/tmpfiles.d/keystone.conf"
+    mode: "0644"
+    owner: "root"
+    group: "root"
+  notify:
+    - Manage LB
+    - Restart uWSGI
+    - Restart web server
+
+- name: Place the systemd init script
+  config_template:
+    src: "keystone-uwsgi_systemd-init.j2"
+    dest: "/etc/systemd/system/{{ item }}.service"
+    mode: "0644"
+    owner: "root"
+    group: "root"
+    config_overrides: "{{ keystone_uwsgi_init_overrides }}"
+    config_type: "ini"
+  with_items: "{{ keystone_wsgi_program_names }}"
+  notify:
+    - Manage LB
+    - Restart uWSGI
+    - Restart web server

tasks/keystone_install.yml

@@ -58,7 +58,7 @@
     name: "{{ (keystone_web_server == 'nginx') | ternary(keystone_system_service_name, 'nginx') }}"
     enabled: no
     state: stopped
-    daemon_reload: "yes"
+    daemon_reload: "{{ (ansible_service_mgr == 'systemd') | ternary('yes', omit) }}"
   failed_when: false
 
 - name: Remove other web server distro packages and mod_wsgi

tasks/keystone_nginx.yml

@@ -48,7 +48,7 @@
   template:
     src: keystone_nginx.conf.j2
     dest: "/etc/nginx/{{ keystone_nginx_conf_path }}/{{ item }}.conf"
-  with_items: "{{ keystone_services.keys() }}"
+  with_items: "{{ keystone_wsgi_program_names }}"
   notify:
     - Manage LB
     - Restart web server
@@ -58,7 +58,7 @@
     src: "/etc/nginx/sites-available/{{ item }}.conf"
     path: "/etc/nginx/sites-enabled/{{ item }}.conf"
     state: link
-  with_items: "{{ keystone_services.keys() }}"
+  with_items: "{{ keystone_wsgi_program_names }}"
   when: ansible_os_family == "Debian"
   notify:
     - Manage LB

tasks/keystone_uwsgi.yml

@@ -25,19 +25,9 @@
     mode: "0744"
     config_overrides: "{{ keystone_uwsgi_ini_overrides }}"
     config_type: ini
-  with_items: "{{ keystone_services.keys() }}"
+  with_items: "{{ keystone_wsgi_program_names }}"
   notify:
     - Manage LB
     - Restart uWSGI
 
-- name: Run the systemd service role
-  include_role:
-    name: systemd_service
-    private: true
-  vars:
-    systemd_services: "{{ keystone_services.values() }}"
-    systemd_tempd_prefix: openstack
-    systemd_bin_path: "{{ keystone_bin }}"
-    system_lock_path: /var/lock/keystone
-  tags:
-    - keystone-config
+- include_tasks: "keystone_init_{{ ansible_service_mgr }}.yml"

templates/keystone-systemd-tempfiles.j2

@@ -0,0 +1,6 @@
+# {{ ansible_managed }}
+
+{% for program_name in keystone_wsgi_program_names %}
+D /var/lock/{{ program_name }} 2755 {{ keystone_system_user_name }} {{ keystone_system_group_name }}
+D /var/run/{{ program_name }} 2755 {{ keystone_system_user_name }} {{ keystone_system_group_name }}
+{% endfor %}

templates/keystone-uwsgi_systemd-init.j2

@@ -0,0 +1,34 @@
+# {{ ansible_managed }}
+
+[Unit]
+Description=OpenStack Keystone service
+After=syslog.target
+After=network.target
+
+[Service]
+Type=simple
+User={{ keystone_system_user_name }}
+Group={{ keystone_system_group_name }}
+
+{% if program_override is defined %}
+ExecStart={{ program_override }} --ini /etc/uwsgi/{{ item }}.ini --logto /var/log/keystone/{{ item }}.log {{ program_config_options|default('') }}
+{% else %}
+ExecStart={{ keystone_bin }}/uwsgi --ini /etc/uwsgi/{{ item }}.ini --logto /var/log/keystone/{{ item }}.log {{ program_config_options|default('') }}
+{% endif %}
+
+# Give a reasonable amount of time for the server to start up/shut down
+TimeoutSec=120
+Restart=on-failure
+RestartSec=2
+
+# This creates a specific slice which all services will operate from
+#  The accounting options give us the ability to see resource usage through
+#  the `systemd-cgtop` command.
+Slice=keystone.slice
+CPUAccounting=true
+BlockIOAccounting=true
+MemoryAccounting=false
+TasksAccounting=true
+
+[Install]
+WantedBy=multi-user.target

tests/ansible-role-requirements.yml

@@ -50,7 +50,3 @@
   src: https://git.openstack.org/openstack/openstack-ansible-os_tempest
   scm: git
   version: master
-- name: systemd_service
-  src: https://github.com/cloudnull/ansible-systemd_service
-  scm: git
-  version: master