enable apache2 server as front end for swift
1.install apache and wsgi module
2.config apache2 vhost and wsgi files for proxy,
account, container and object server.
3.refactor apache functions from horizon and swift
into lib/apache
Change-Id: I3a5d1e511c5dca1e6d01a1adca8fda0a43d4f632
Implements: blueprint enable-apache-frontend-for-swift
diff --git a/lib/apache b/lib/apache
new file mode 100644
index 0000000..a2b0534
--- /dev/null
+++ b/lib/apache
@@ -0,0 +1,118 @@
+# lib/apache
+# Functions to control configuration and operation of apache web server
+
+# Dependencies:
+# ``functions`` file
+# is_apache_enabled_service
+# change_apache_user_group
+# install_apache_wsgi
+# config_apache_wsgi
+# start_apache_server
+# stop_apache_server
+# restart_apache_server
+
+# Save trace setting
+XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Allow overriding the default Apache user and group, default to
+# current user and his default group.
+APACHE_USER=${APACHE_USER:-$USER}
+APACHE_GROUP=${APACHE_GROUP:-$(id -gn $APACHE_USER)}
+
+
+# Set up apache name and configuration directory
+if is_ubuntu; then
+ APACHE_NAME=apache2
+ APACHE_CONF_DIR=sites-available
+elif is_fedora; then
+ APACHE_NAME=httpd
+ APACHE_CONF_DIR=conf.d
+elif is_suse; then
+ APACHE_NAME=apache2
+ APACHE_CONF_DIR=vhosts.d
+fi
+
+# Functions
+# ---------
+
+# is_apache_enabled_service() checks if the service(s) specified as arguments are
+# apache enabled by the user in ``APACHE_ENABLED_SERVICES`` as web front end.
+#
+# Multiple services specified as arguments are ``OR``'ed together; the test
+# is a short-circuit boolean, i.e it returns on the first match.
+#
+# Uses global ``APACHE_ENABLED_SERVICES``
+# APACHE_ENABLED_SERVICES service [service ...]
+function is_apache_enabled_service() {
+ services=$@
+ for service in ${services}; do
+ [[ ,${APACHE_ENABLED_SERVICES}, =~ ,${service}, ]] && return 0
+ done
+ return 1
+}
+
+# change_apache_user_group() - Change the User/Group to run Apache server
+function change_apache_user_group(){
+ local stack_user=$@
+ if is_ubuntu; then
+ sudo sed -e "
+ s/^export APACHE_RUN_USER=.*/export APACHE_RUN_USER=${stack_user}/g;
+ s/^export APACHE_RUN_GROUP=.*/export APACHE_RUN_GROUP=${stack_user}/g
+ " -i /etc/${APACHE_NAME}/envvars
+ elif is_fedora; then
+ sudo sed -e "
+ s/^User .*/User ${stack_user}/g;
+ s/^Group .*/Group ${stack_user}/g
+ " -i /etc/${APACHE_NAME}/httpd.conf
+ elif is_suse; then
+ sudo sed -e "
+ s/^User .*/User ${stack_user}/g;
+ s/^Group .*/Group ${stack_user}/g
+ " -i /etc/${APACHE_NAME}/uid.conf
+ else
+ exit_distro_not_supported "apache user and group"
+ fi
+}
+
+# install_apache_wsgi() - Install Apache server and wsgi module
+function install_apache_wsgi() {
+ # Apache installation, because we mark it NOPRIME
+ if is_ubuntu; then
+ # Install apache2, which is NOPRIME'd
+ install_package apache2 libapache2-mod-wsgi
+ elif is_fedora; then
+ sudo rm -f /etc/httpd/conf.d/000-*
+ install_package httpd mod_wsgi
+ elif is_suse; then
+ install_package apache2 apache2-mod_wsgi
+ else
+ exit_distro_not_supported "apache installation"
+ fi
+}
+
+# start_apache_server() - Start running apache server
+function start_apache_server() {
+ start_service $APACHE_NAME
+}
+
+# stop_apache_server() - Stop running apache server
+function stop_apache_server() {
+ if [ -n "$APACHE_NAME" ]; then
+ stop_service $APACHE_NAME
+ else
+ exit_distro_not_supported "apache configuration"
+ fi
+}
+
+# restart_apache_server
+function restart_apache_server() {
+ restart_service $APACHE_NAME
+}
+
+# Restore xtrace
+$XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/horizon b/lib/horizon
index b537484..b06ea1c 100644
--- a/lib/horizon
+++ b/lib/horizon
@@ -4,6 +4,7 @@
# Dependencies:
# ``functions`` file
+# ``apache`` file
# ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined
# <list other global vars that are assumed to be defined>
@@ -33,23 +34,6 @@
# The example file in Horizon repo is used by default.
HORIZON_SETTINGS=${HORIZON_SETTINGS:-$HORIZON_DIR/openstack_dashboard/local/local_settings.py.example}
-# Allow overriding the default Apache user and group, default to
-# current user and his default group.
-APACHE_USER=${APACHE_USER:-$USER}
-APACHE_GROUP=${APACHE_GROUP:-$(id -gn $APACHE_USER)}
-
-# Set up service name and configuration path
-if is_ubuntu; then
- APACHE_NAME=apache2
- APACHE_CONF=sites-available/horizon
-elif is_fedora; then
- APACHE_NAME=httpd
- APACHE_CONF=conf.d/horizon.conf
-elif is_suse; then
- APACHE_NAME=apache2
- APACHE_CONF=vhosts.d/horizon.conf
-fi
-
# Functions
# ---------
@@ -119,11 +103,12 @@
sudo mkdir -p $HORIZON_DIR/.blackhole
HORIZON_REQUIRE=''
+ local horizon_conf=/etc/$APACHE_NAME/$APACHE_CONF_DIR/horizon
if is_ubuntu; then
# Clean up the old config name
sudo rm -f /etc/apache2/sites-enabled/000-default
# Be a good citizen and use the distro tools here
- sudo touch /etc/$APACHE_NAME/$APACHE_CONF
+ sudo touch $horizon_conf
sudo a2ensite horizon
# WSGI isn't enabled by default, enable it
sudo a2enmod wsgi
@@ -153,23 +138,13 @@
s,%APACHE_NAME%,$APACHE_NAME,g;
s,%DEST%,$DEST,g;
s,%HORIZON_REQUIRE%,$HORIZON_REQUIRE,g;
- \" $FILES/apache-horizon.template >/etc/$APACHE_NAME/$APACHE_CONF"
+ \" $FILES/apache-horizon.template >$horizon_conf"
}
# install_horizon() - Collect source and prepare
function install_horizon() {
# Apache installation, because we mark it NOPRIME
- if is_ubuntu; then
- # Install apache2, which is NOPRIME'd
- install_package apache2 libapache2-mod-wsgi
- elif is_fedora; then
- sudo rm -f /etc/httpd/conf.d/000-*
- install_package httpd mod_wsgi
- elif is_suse; then
- install_package apache2 apache2-mod_wsgi
- else
- exit_distro_not_supported "apache installation"
- fi
+ install_apache_wsgi
# NOTE(sdague) quantal changed the name of the node binary
if is_ubuntu; then
@@ -185,17 +160,13 @@
# start_horizon() - Start running processes, including screen
function start_horizon() {
- restart_service $APACHE_NAME
+ restart_apache_server
screen_it horizon "cd $HORIZON_DIR && sudo tail -f /var/log/$APACHE_NAME/horizon_error.log"
}
# stop_horizon() - Stop running processes (non-screen)
function stop_horizon() {
- if [ -n "$APACHE_NAME" ]; then
- stop_service $APACHE_NAME
- else
- exit_distro_not_supported "apache configuration"
- fi
+ stop_apache_server
}
diff --git a/lib/swift b/lib/swift
index e53d674..c93b8b3 100644
--- a/lib/swift
+++ b/lib/swift
@@ -3,6 +3,7 @@
# Dependencies:
# ``functions`` file
+# ``apache`` file
# ``DEST``, ``SCREEN_NAME``, `SWIFT_HASH` must be defined
# ``STACK_USER`` must be defined
# ``SWIFT_DATA_DIR`` or ``DATA_DIR`` must be defined
@@ -10,11 +11,13 @@
# ``stack.sh`` calls the entry points in this order:
#
# install_swift
+# _config_swift_apache_wsgi
# configure_swift
# init_swift
# start_swift
# stop_swift
# cleanup_swift
+# _cleanup_swift_apache_wsgi
# Save trace setting
XTRACE=$(set +o | grep xtrace)
@@ -28,6 +31,7 @@
SWIFT_DIR=$DEST/swift
SWIFTCLIENT_DIR=$DEST/python-swiftclient
SWIFT_AUTH_CACHE_DIR=${SWIFT_AUTH_CACHE_DIR:-/var/cache/swift}
+SWIFT_APACHE_WSGI_DIR=${SWIFT_APACHE_WSGI_DIR:-/var/www/swift}
SWIFT3_DIR=$DEST/swift3
# TODO: add logging to different location.
@@ -97,6 +101,103 @@
rm ${SWIFT_DATA_DIR}/drives/images/swift.img
fi
rm -rf ${SWIFT_DATA_DIR}/run/
+ if is_apache_enabled_service swift; then
+ _cleanup_swift_apache_wsgi
+ fi
+}
+
+# _cleanup_swift_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file
+function _cleanup_swift_apache_wsgi() {
+ sudo rm -f $SWIFT_APACHE_WSGI_DIR/*.wsgi
+ ! is_fedora && sudo a2dissite proxy-server
+ for node_number in ${SWIFT_REPLICAS_SEQ}; do
+ for type in object container account; do
+ site_name=${type}-server-${node_number}
+ ! is_fedora && sudo a2dissite ${site_name}
+ sudo rm -f /etc/$APACHE_NAME/$APACHE_CONF_DIR/${site_name}
+ done
+ done
+}
+
+# _config_swift_apache_wsgi() - Set WSGI config files of Swift
+function _config_swift_apache_wsgi() {
+ sudo mkdir -p ${SWIFT_APACHE_WSGI_DIR}
+ local apache_vhost_dir=/etc/${APACHE_NAME}/$APACHE_CONF_DIR
+ local proxy_port=${SWIFT_DEFAULT_BIND_PORT:-8080}
+
+ # copy proxy vhost and wsgi file
+ sudo cp ${SWIFT_DIR}/examples/apache2/proxy-server.template ${apache_vhost_dir}/proxy-server
+ sudo sed -e "
+ /^#/d;/^$/d;
+ s/%PORT%/$proxy_port/g;
+ s/%SERVICENAME%/proxy-server/g;
+ s/%APACHE_NAME%/${APACHE_NAME}/g;
+ " -i ${apache_vhost_dir}/proxy-server
+
+ sudo cp ${SWIFT_DIR}/examples/wsgi/proxy-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/proxy-server.wsgi
+ sudo sed -e "
+ /^#/d;/^$/d;
+ s/%SERVICECONF%/proxy-server.conf/g;
+ " -i ${SWIFT_APACHE_WSGI_DIR}/proxy-server.wsgi
+ ! is_fedora && sudo a2ensite proxy-server
+
+ # copy apache vhost file and set name and port
+ for node_number in ${SWIFT_REPLICAS_SEQ}; do
+ object_port=$[OBJECT_PORT_BASE + 10 * ($node_number - 1)]
+ container_port=$[CONTAINER_PORT_BASE + 10 * ($node_number - 1)]
+ account_port=$[ACCOUNT_PORT_BASE + 10 * ($node_number - 1)]
+
+ sudo cp ${SWIFT_DIR}/examples/apache2/object-server.template ${apache_vhost_dir}/object-server-${node_number}
+ sudo sed -e "
+ s/%PORT%/$object_port/g;
+ s/%SERVICENAME%/object-server-${node_number}/g;
+ s/%APACHE_NAME%/${APACHE_NAME}/g;
+ " -i ${apache_vhost_dir}/object-server-${node_number}
+ ! is_fedora && sudo a2ensite object-server-${node_number}
+
+ sudo cp ${SWIFT_DIR}/examples/wsgi/object-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/object-server-${node_number}.wsgi
+ sudo sed -e "
+ /^#/d;/^$/d;
+ s/%SERVICECONF%/object-server\/${node_number}.conf/g;
+ " -i ${SWIFT_APACHE_WSGI_DIR}/object-server-${node_number}.wsgi
+
+ sudo cp ${SWIFT_DIR}/examples/apache2/container-server.template ${apache_vhost_dir}/container-server-${node_number}
+ sudo sed -e "
+ /^#/d;/^$/d;
+ s/%PORT%/$container_port/g;
+ s/%SERVICENAME%/container-server-${node_number}/g;
+ s/%APACHE_NAME%/${APACHE_NAME}/g;
+ " -i ${apache_vhost_dir}/container-server-${node_number}
+ ! is_fedora && sudo a2ensite container-server-${node_number}
+
+ sudo cp ${SWIFT_DIR}/examples/wsgi/container-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/container-server-${node_number}.wsgi
+ sudo sed -e "
+ /^#/d;/^$/d;
+ s/%SERVICECONF%/container-server\/${node_number}.conf/g;
+ " -i ${SWIFT_APACHE_WSGI_DIR}/container-server-${node_number}.wsgi
+
+ sudo cp ${SWIFT_DIR}/examples/apache2/account-server.template ${apache_vhost_dir}/account-server-${node_number}
+ sudo sed -e "
+ /^#/d;/^$/d;
+ s/%PORT%/$account_port/g;
+ s/%SERVICENAME%/account-server-${node_number}/g;
+ s/%APACHE_NAME%/${APACHE_NAME}/g;
+ " -i ${apache_vhost_dir}/account-server-${node_number}
+ ! is_fedora && sudo a2ensite account-server-${node_number}
+
+ sudo cp ${SWIFT_DIR}/examples/wsgi/account-server.wsgi.template ${SWIFT_APACHE_WSGI_DIR}/account-server-${node_number}.wsgi
+ sudo sed -e "
+ /^#/d;/^$/d;
+ s/%SERVICECONF%/account-server\/${node_number}.conf/g;
+ " -i ${SWIFT_APACHE_WSGI_DIR}/account-server-${node_number}.wsgi
+
+ done
+
+ # run apache server as stack user
+ change_apache_user_group ${STACK_USER}
+
+ # WSGI isn't enabled by default, enable it
+ ! is_fedora && sudo a2enmod wsgi
}
# configure_swift() - Set config files, create data dirs and loop image
@@ -288,6 +389,9 @@
sudo chown -R $USER:adm ${swift_log_dir}
sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \
tee /etc/rsyslog.d/10-swift.conf
+ if is_apache_enabled_service swift; then
+ _config_swift_apache_wsgi
+ fi
}
# create_swift_disk - Create Swift backing disk
@@ -423,6 +527,9 @@
function install_swift() {
git_clone $SWIFT_REPO $SWIFT_DIR $SWIFT_BRANCH
setup_develop $SWIFT_DIR
+ if is_apache_enabled_service swift; then
+ install_apache_wsgi
+ fi
}
function install_swiftclient() {
@@ -444,6 +551,22 @@
sudo systemctl start xinetd.service
fi
+ if is_apache_enabled_service swift; then
+ # Make sure the apache lock dir is owned by $STACK_USER
+ # for running apache server to avoid failure of restarting
+ # apache server due to permission problem.
+ sudo chown -R $STACK_USER /var/run/lock/$APACHE_NAME
+ restart_apache_server
+ swift-init --run-dir=${SWIFT_DATA_DIR}/run rest start
+ screen_it s-proxy "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/proxy-server"
+ if [[ ${SWIFT_REPLICAS} == 1 ]]; then
+ for type in object container account; do
+ screen_it s-${type} "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/${type}-server-1"
+ done
+ fi
+ return 0
+ fi
+
# By default with only one replica we are launching the proxy,
# container, account and object server in screen in foreground and
# other services in background. If we have SWIFT_REPLICAS set to something
@@ -460,7 +583,7 @@
done
screen_it s-proxy "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-proxy-server ${SWIFT_CONF_DIR}/proxy-server.conf -v"
if [[ ${SWIFT_REPLICAS} == 1 ]]; then
- for type in object container account;do
+ for type in object container account; do
screen_it s-${type} "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-${type}-server ${SWIFT_CONF_DIR}/${type}-server/1.conf -v"
done
fi
@@ -468,6 +591,11 @@
# stop_swift() - Stop running processes (non-screen)
function stop_swift() {
+
+ if is_apache_enabled_service swift; then
+ swift-init --run-dir=${SWIFT_DATA_DIR}/run rest stop && return 0
+ fi
+
# screen normally killed by unstack.sh
if type -p swift-init >/dev/null; then
swift-init --run-dir=${SWIFT_DATA_DIR}/run all stop || true