Allow keystone to run from apache
Provide a template for running keystone as a mod_wsgi process and enable it from configuration. Based on: https://review.openstack.org/#/c/36474/ Also-by: zhang-hare <zhuadl@cn.ibm.com> Implements: blueprint devstack-setup-apache-keystone Change-Id: Icc9d7ddfa4a488c08816ff4ae0b53c0134a1016b
This commit is contained in:
parent
5470701e10
commit
a00e5f8810
22
files/apache-keystone.template
Normal file
22
files/apache-keystone.template
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
Listen %PUBLICPORT%
|
||||||
|
Listen %ADMINPORT%
|
||||||
|
|
||||||
|
<VirtualHost *:%PUBLICPORT%>
|
||||||
|
WSGIDaemonProcess keystone-public processes=5 threads=1 user=%USER%
|
||||||
|
WSGIProcessGroup keystone-public
|
||||||
|
WSGIScriptAlias / %PUBLICWSGI%
|
||||||
|
WSGIApplicationGroup %{GLOBAL}
|
||||||
|
ErrorLog /var/log/%APACHE_NAME%/keystone
|
||||||
|
LogLevel debug
|
||||||
|
CustomLog /var/log/%APACHE_NAME%/access.log combined
|
||||||
|
</VirtualHost>
|
||||||
|
|
||||||
|
<VirtualHost *:%ADMINPORT%>
|
||||||
|
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=%USER%
|
||||||
|
WSGIProcessGroup keystone-admin
|
||||||
|
WSGIScriptAlias / %ADMINWSGI%
|
||||||
|
WSGIApplicationGroup %{GLOBAL}
|
||||||
|
ErrorLog /var/log/%APACHE_NAME%/keystone
|
||||||
|
LogLevel debug
|
||||||
|
CustomLog /var/log/%APACHE_NAME%/access.log combined
|
||||||
|
</VirtualHost>
|
43
lib/keystone
43
lib/keystone
@ -14,11 +14,13 @@
|
|||||||
#
|
#
|
||||||
# install_keystone
|
# install_keystone
|
||||||
# configure_keystone
|
# configure_keystone
|
||||||
|
# _config_keystone_apache_wsgi
|
||||||
# init_keystone
|
# init_keystone
|
||||||
# start_keystone
|
# start_keystone
|
||||||
# create_keystone_accounts
|
# create_keystone_accounts
|
||||||
# stop_keystone
|
# stop_keystone
|
||||||
# cleanup_keystone
|
# cleanup_keystone
|
||||||
|
# _cleanup_keystone_apache_wsgi
|
||||||
|
|
||||||
# Save trace setting
|
# Save trace setting
|
||||||
XTRACE=$(set +o | grep xtrace)
|
XTRACE=$(set +o | grep xtrace)
|
||||||
@ -34,6 +36,7 @@ KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone}
|
|||||||
KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
|
KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
|
||||||
KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini}
|
KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini}
|
||||||
KEYSTONE_AUTH_CACHE_DIR=${KEYSTONE_AUTH_CACHE_DIR:-/var/cache/keystone}
|
KEYSTONE_AUTH_CACHE_DIR=${KEYSTONE_AUTH_CACHE_DIR:-/var/cache/keystone}
|
||||||
|
KEYSTONE_WSGI_DIR=${KEYSTONE_WSGI_DIR:-/var/www/keystone}
|
||||||
|
|
||||||
KEYSTONECLIENT_DIR=$DEST/python-keystoneclient
|
KEYSTONECLIENT_DIR=$DEST/python-keystoneclient
|
||||||
|
|
||||||
@ -86,6 +89,33 @@ function cleanup_keystone() {
|
|||||||
:
|
:
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# _cleanup_keystone_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file
|
||||||
|
function _cleanup_keystone_apache_wsgi() {
|
||||||
|
sudo rm -f $KEYSTONE_WSGI_DIR/*.wsgi
|
||||||
|
disable_apache_site keystone
|
||||||
|
sudo rm -f /etc/$APACHE_NAME/$APACHE_CONF_DIR/keystone
|
||||||
|
}
|
||||||
|
|
||||||
|
# _config_keystone_apache_wsgi() - Set WSGI config files of Keystone
|
||||||
|
function _config_keystone_apache_wsgi() {
|
||||||
|
sudo mkdir -p $KEYSTONE_WSGI_DIR
|
||||||
|
|
||||||
|
# copy proxy vhost and wsgi file
|
||||||
|
sudo cp $KEYSTONE_DIR/httpd/keystone.py $KEYSTONE_WSGI_DIR/main
|
||||||
|
sudo cp $KEYSTONE_DIR/httpd/keystone.py $KEYSTONE_WSGI_DIR/admin
|
||||||
|
|
||||||
|
sudo cp $FILES/apache-keystone.template /etc/$APACHE_NAME/$APACHE_CONF_DIR/keystone
|
||||||
|
sudo sed -e "
|
||||||
|
s|%PUBLICPORT%|$KEYSTONE_SERVICE_PORT|g;
|
||||||
|
s|%ADMINPORT%|$KEYSTONE_AUTH_PORT|g;
|
||||||
|
s|%APACHE_NAME%|$APACHE_NAME|g;
|
||||||
|
s|%PUBLICWSGI%|$KEYSTONE_WSGI_DIR/main|g;
|
||||||
|
s|%ADMINWSGI%|$KEYSTONE_WSGI_DIR/admin|g;
|
||||||
|
s|%USER%|$STACK_USER|g
|
||||||
|
" -i /etc/$APACHE_NAME/$APACHE_CONF_DIR/keystone
|
||||||
|
enable_apache_site keystone
|
||||||
|
}
|
||||||
|
|
||||||
# configure_keystone() - Set config files, create data dirs, etc
|
# configure_keystone() - Set config files, create data dirs, etc
|
||||||
function configure_keystone() {
|
function configure_keystone() {
|
||||||
if [[ ! -d $KEYSTONE_CONF_DIR ]]; then
|
if [[ ! -d $KEYSTONE_CONF_DIR ]]; then
|
||||||
@ -204,6 +234,10 @@ function configure_keystone() {
|
|||||||
cp $KEYSTONE_DIR/etc/logging.conf.sample $KEYSTONE_CONF_DIR/logging.conf
|
cp $KEYSTONE_DIR/etc/logging.conf.sample $KEYSTONE_CONF_DIR/logging.conf
|
||||||
iniset $KEYSTONE_CONF_DIR/logging.conf logger_root level "DEBUG"
|
iniset $KEYSTONE_CONF_DIR/logging.conf logger_root level "DEBUG"
|
||||||
iniset $KEYSTONE_CONF_DIR/logging.conf logger_root handlers "devel,production"
|
iniset $KEYSTONE_CONF_DIR/logging.conf logger_root handlers "devel,production"
|
||||||
|
|
||||||
|
if is_apache_enabled_service key; then
|
||||||
|
_config_keystone_apache_wsgi
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# create_keystone_accounts() - Sets up common required keystone accounts
|
# create_keystone_accounts() - Sets up common required keystone accounts
|
||||||
@ -316,6 +350,9 @@ function install_keystone() {
|
|||||||
fi
|
fi
|
||||||
git_clone $KEYSTONE_REPO $KEYSTONE_DIR $KEYSTONE_BRANCH
|
git_clone $KEYSTONE_REPO $KEYSTONE_DIR $KEYSTONE_BRANCH
|
||||||
setup_develop $KEYSTONE_DIR
|
setup_develop $KEYSTONE_DIR
|
||||||
|
if is_apache_enabled_service key; then
|
||||||
|
install_apache_wsgi
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# start_keystone() - Start running processes, including screen
|
# start_keystone() - Start running processes, including screen
|
||||||
@ -326,8 +363,14 @@ function start_keystone() {
|
|||||||
service_port=$KEYSTONE_SERVICE_PORT_INT
|
service_port=$KEYSTONE_SERVICE_PORT_INT
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if is_apache_enabled_service key; then
|
||||||
|
restart_apache_server
|
||||||
|
screen_it key "cd $KEYSTONE_DIR && sudo tail -f /var/log/$APACHE_NAME/keystone"
|
||||||
|
else
|
||||||
# Start Keystone in a screen window
|
# Start Keystone in a screen window
|
||||||
screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF $KEYSTONE_LOG_CONFIG -d --debug"
|
screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF $KEYSTONE_LOG_CONFIG -d --debug"
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Waiting for keystone to start..."
|
echo "Waiting for keystone to start..."
|
||||||
if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= curl -s http://$SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
|
if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= curl -s http://$SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
|
||||||
die $LINENO "keystone did not start"
|
die $LINENO "keystone did not start"
|
||||||
|
Loading…
Reference in New Issue
Block a user