From f6a2d2cd4edd06408690081d6207ff73b76f543a Mon Sep 17 00:00:00 2001
From: Ian Wienand <iwienand@redhat.com>
Date: Wed, 26 Apr 2017 10:50:29 +1000
Subject: [PATCH] Always restart apache

As described in [1], it seems that mod_wsgi is not "graceful" reload
safe.  Upon re-init, it can end up in a segfault loop.

The "reload" (not *restart*) after setting up uwsgi was added with
I1d89be1f1b36f26eaf543b99bde6fdc5701474fe but not causing an issue
until uwsgi was enabled.

We do not notice in the gate, because the TLS setup ends up doing a
restart after this setup.  In the period between the
write_uwsgi_config and that restart, Apache is sitting in a segfault
loop, but we never noticed because we don't try talking to it.  Other
jobs that don't do any further apache configuration have started
failing, however.

Looking at the original comments around "reload_apache_server" I'm not
sure if it is still necessary.  [2] shows it is not used outside these
two calls.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1445540
[2] http://codesearch.openstack.org/?q=reload_apache_server&i=nope&files=&repos=

Closes-Bug: #1686210
Change-Id: I5234bae0595efdcd30305a32bf9c121072a3625e
---
 lib/apache | 7 +------
 lib/tls    | 7 +------
 2 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/lib/apache b/lib/apache
index afeac158ca..34ac660266 100644
--- a/lib/apache
+++ b/lib/apache
@@ -218,11 +218,6 @@ function restart_apache_server {
     restart_service $APACHE_NAME
 }
 
-# reload_apache_server
-function reload_apache_server {
-    reload_service $APACHE_NAME
-}
-
 function write_uwsgi_config {
     local file=$1
     local wsgi=$2
@@ -267,7 +262,7 @@ function write_uwsgi_config {
         apache_conf=$(apache_site_config_for $name)
         echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}/\" retry=0 " | sudo tee $apache_conf
         enable_apache_site $name
-        reload_apache_server
+        restart_apache_server
     fi
 }
 
diff --git a/lib/tls b/lib/tls
index 7a7b10454e..238687c5dd 100644
--- a/lib/tls
+++ b/lib/tls
@@ -526,12 +526,7 @@ EOF
         enable_apache_mod $mod
     done
     enable_apache_site $b_service
-    # Only a reload is required to pull in new vhosts
-    # Note that a restart reliably fails on centos7 and trusty
-    # because apache can't open port 80 because the old apache
-    # still has it open. Using reload fixes trusty but centos7
-    # still doesn't work.
-    reload_apache_server
+    restart_apache_server
 }
 
 # Follow TLS proxy