50 Commits

Author SHA1 Message Date
Attila Fazekas
9fd38e7970 Add Fedora 27 support
Removing the (f23,)f24 support they are EOL.
The only non-trivial change is the apache-httpd default worker change,
however might not be bad idea to use `event` instead of `worker`
in the future, but for now keep it AS-IS and continue to use `worker`.

Change-Id: I96d414a30b58bc4b43da45066fdf310a6a830079
Closes-Bug: #1740194
2018-01-11 16:19:36 +01:00
Zuul
57ddd7c161 Merge "Remove proxy-sendcl from mod_proxy_uwsgi apache path" 2017-10-19 18:25:30 +00:00
Dinesh Bhor
ef60f2b718 Enable reloadable config in services
uwsgi services:
[1] By default uwsgi is set to exit on reload this breaks config reloading
    of the service [1][2]. It needs to be set to 'false'.
[2] Requires to add 'systemctl reload' command support by adding ExecReload
    in unit file.

Non uwsgi services:
[1] Non uwsgi services only requires to add ExecReload in unit file.

There was a similar patch submitted by Matthew Treinish [3] but it was
already set to workflow +1(not merged as having dependency on other patch)
and it was having some issues as specified in comment and missing reload
functionality for other services.

[1] https://etherpad.openstack.org/p/uwsgi-issues
[2] http://uwsgi-docs.readthedocs.io/en/latest/Options.html#exit-on-reload
[3] https://review.openstack.org/#/c/490904/2

Change-Id: I78f5e9d4574671c74a52af64724946feb41c2d7a
2017-09-08 12:49:00 +05:30
Matthew Treinish
477a962861 Enable graceful shutdown for services
1] Process using uwsgi:
   uwsgi services doesn't support for graceful shutting down [1].
   It requires some changes in unit files [2] including adding below
   graceful shutdown hook and changing KillSignal:
      --hook-master-start "unix_signal:15 gracefully_kill_them_all
   All the steps and changes required are specified in etherpad [1].

2] Non uwsgi services needs below changes:
   In [service] section:
   a. Add KillMode = process
   b. Add TimeoutStopSec = infinity

NOTE:
Creating unit file for services other than uwsgi is handled by the
'write_user_unit_file' function [3]. This function is common for all
the services so this patch adds the above mentioned parameters for
services using ServiceLauncher also though they don't require.

Added a new stackrc variable WORKER_TIMEOUT which is required to add
graceful shutdown support to uwsgi services. It will be set as a value
to 'worker-reload-mercy' [4] in uwsgi file of service. The default
value set to this variable is 90.

[1] https://etherpad.openstack.org/p/uwsgi-issues
[2] https://www.freedesktop.org/software/systemd/man/systemd.kill.html
[3] 2967ca3dfd/functions-common (L1439-L1461)
[4] http://uwsgi-docs.readthedocs.io/en/latest/Options.html#worker-reload-mercy

Co-Authored-By: Dinesh Bhor <dinesh.bhor@nttdata.com>
Change-Id: Ia95291325ce4858b47102dd49504250183f339ab
2017-09-06 11:55:04 +05:30
Matthew Treinish
a3488d5f00
Remove proxy-sendcl from mod_proxy_uwsgi apache path
Calling setenv appears to be globally scoped which is breaking the
glance path which relies on chunked uploads. The glance path is
separated by using mod_proxy instead of mod_proxy_uwsgi because
mod_proxy_uwsgi doesn't support chunked encoding.[1] The proxy-sendcl [2]
was set on the mod_proxy_uwsgi path just in case someone tried to send a
chunked request to the api server we would be able to handle it. It
tells apache to locally cache the chunked request and send the
content-length as a normal upload to the upstream server. However, if we
can only set it globally across then small potential benefit is not worth
having all glance uploads cached by apache. This commit just removes
setting the flag. In the future if we can have devstack isolate this
flag it might be worth adding back to the mod_proxy_uwsgi path, but for
right now it's not worth the tradeoff.

[1] https://github.com/unbit/uwsgi/issues/1540
[2] https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#request-bodies

Depends-On: Idf6b4b891ba31cccbeb53d373b40fce5380cea64
Change-Id: Iab2e2848877fa1497008d18c05b0154892941589
Closes-Bug: #1709970
2017-08-14 15:47:11 -04:00
Ian Wienand
41e6e12318 Switch Centos/Fedora to Apache woker MPM
In trying to debug periodic gate instability of CentOS, I noticed that
it is using the prefork mpm, while Ubuntu is defaulting to the
multi-threaded worker mpm.

One of the problems seems related to 502 proxy errors from the TLS
proxy.  We see out-of-sync timestamps in the centos TLS proxy access
logs, which might be innocent behaviour based on the prefork model or
indicate something else.

Before going too deep down this rabbit-hole, I think it is better for
consistency to use the same mpm model on all our platforms, and start
debugging from there.

Change-Id: I9881f2e7d51fdd9fc0f7fb3e37179aa53171b531
2017-08-08 15:58:22 +10:00
Jeremy Liu
2f7df51cfa Correct 'uswgi' to 'uwsgi'
Change-Id: I22026e5640a626f45b7508b60f492dbdb30631af
2017-07-12 10:09:48 +08:00
Matthew Treinish
b79531a9f9
Increase the socket timeout on uwsgi local mode
This commit increases the socket timeout value from 4 secs to a much
higher 30 secs. This is just for sanity, the load is high when we're
seeing the wsgi.input timeouts, so uwsgi might be just closing the
socket waiting for data over the wire. 30 seconds is overly conservative
just so we can rule this out. This will likely be shrunk to a more
reasonable value in the future.

Change-Id: Iae85d3a084fb33b2a63550d6e353413e98c0b39c
Partial-Bug: #1701088
2017-06-30 12:24:21 -04:00
Matthew Treinish
1560efe9c9
Switch local http uwsgi conf to http-socket mode
Previously the local uwsgi server mode was using uwsgi in http mode.
This was unessecary and actually not recommend by the uwsgi docs [1][2]
This is because http mode starts a frontend http process that forwards
requests to the workers running the python code. This is done for the
largely the same reasons we're using apache as a proxy and is
unnecessary. http-socket mode doesn't do this and just exposes the
workers as an http interface to the proxy. (in our case apache)

[1] http://uwsgi-docs.readthedocs.io/en/latest/HTTP.html#http-sockets
[2] http://uwsgi-docs.readthedocs.io/en/latest/ThingsToKnow.html

Change-Id: I5671687c8083fa4bdee066c07b083a0f00be532b
2017-06-30 12:24:21 -04:00
Jenkins
248d54b51b Merge "Ensure keepalive isn't used on uwsgi http mode" 2017-06-29 23:03:42 +00:00
Matthew Treinish
82d0610f14
Ensure keepalive isn't used on uwsgi http mode
According to the uwsgi docs [1] for http keepalive there is a separate
option for http keep alive, and just setting connection close isn't
enough. This commit makes sure we disable http keepalive. This will
hopefully fix the random connection issues we get on image uploads to
glance, which uses uwsgi http mode.

[1] http://uwsgi-docs.readthedocs.io/en/latest/HTTP.html#http-keep-alive

Change-Id: Ic5f83c5c93f28b2bd62ca9ac96ca8c87797ea5c9
Closes-Bug: #1701088
2017-06-28 17:42:31 -04:00
Chris Dent
b90bb1a461 Use uwsgi for nova when NOVA_USE_MOD_WSGI is not False
Unless NOVA_USE_MOD_WSGI is False, run nova-api and nova-metadata
using uwsgi.

Because the metadata server is always expected to run on a port and
without a prefix, we have it configured to use uwsgi but not to
proxy from apache: uwsgi listens on the configured port itself.

uwsgi process that listen themselve do not need a socket or to
chmod-socket, so those config lines have been moved to the block
that is also writing proxy configuration for apache.

Because this change only uses uwsgi for nova-api and nova-api-meta,
nova-api-meta is set to default to enabled in stackrc because the
nova-api wsgi application used by wsgi only presents the one service
(osapi_compute).

If NOVA_USE_MOD_WSGI is False and tls_proxy service is enabled,
nova-api is run on an internal port reached via the tls_proxy.

Depends-On: I8ff08d61520ccf04e32dcd02f4cecc39dae823cb
Change-Id: If2d7e363a6541854f2e30c03171bef7a41aff745
2017-06-28 17:46:22 +00:00
Matthew Treinish
1fa6536357 Revert "Revert "Use uwsgi for glance-api""
This reverts commit 3410e3e01bdbdbfd360d9baebeac081c33ee0821.

Change-Id: Ic58711311eb8534cb3c4b25c333197c412ffdce5
2017-06-23 22:32:37 +00:00
Ian Wienand
3410e3e01b Revert "Use uwsgi for glance-api"
This reverts commit e6217a9719b88b550ccbbce7c9bc064cb746c1a3.

Unfortunately it seems to break glance; for examples see some of the
nodepool dib jobs which have all failed to upload images into glance.

Note this has a revert for 43304849cfde41fa86a6fdd334ab6e703598ef8d as
well, since that uses GLANCE_URL defined here.

[1] http://logs.openstack.org/51/475051/2/gate/gate-dsvm-nodepool-redhat-src/e1bdb34/
[2] http://logs.openstack.org/51/475051/2/gate/gate-dsvm-nodepool-ubuntu-src/6a7665b/
[3] http://logs.openstack.org/51/475051/2/gate/gate-dsvm-nodepool-opensuse-src/b357de1/

Change-Id: I2aea120e733b05e806801121ec994f4e31a337d9
2017-06-22 13:48:06 +10:00
Jenkins
7fef90aff9 Merge "Use uwsgi for glance-api" 2017-06-21 08:34:52 +00:00
Jenkins
f500d6a29d Merge "Use systemd-tmpfiles to create /var/run/uwsgi" 2017-06-14 06:18:12 +00:00
Clark Boylan
35649ae0d2 Make stack.sh work on SUSE
This adds packages to suse for systemd python linkages as well as
apache2 and which. And configures mod_proxy and mod_proxy_uwsgi with
a2enmod.

We also properly query if apache mods are enabled to avoid running
into systemd service restart limits. Enable mod_version across the board
as we use it and it may not be enabled by default (like in SUSE).

Also in addition to enabling mod_ssl we enable the SSL flag so that TLS
will work...

Finally we tell the system to trust the devstack CA.

Change-Id: I3442cebfb2e7c2550733eb95a12fab42e1229ce7
2017-05-28 09:58:51 -07:00
Matthew Treinish
e6217a9719 Use uwsgi for glance-api
This commit adds support for deploying glance as a wsgi script under
uwsgi. To get around limitations in the uwsgi protocol when using
python3 for chunked encoding we have to setup uwsgi in http mode on a
random port listening on localhost and use mod_proxy to forward the
incoming requests. The alternative approach of having apache buffer the
requests locally with the send_cl option with mod_proxy_uwsgi only
worked on python2 and also has the limitation that apache is buffering
the entire chunked object, which could be several gigabytes in size.

Depends-On: I089a22a4be4227a551c32442dba27c426f54c87d
Change-Id: Ie98fb7da5e8ecfa49cd680b88139cb7034d5f88f
2017-05-28 14:36:36 +00:00
Kirill Zaitsev
d0db62a476 Use systemd-tmpfiles to create /var/run/uwsgi
On ubuntu contents of /var/run do not persist between reboots. Devstack
uses /var/run/uwsgi as home for wsgi sockets. This means that after
rebooting the machine services, that rely on uwsgi would fail to start.
Currently it affects keystone.service and placement-api.service.
This patch changes delegates directory creation to systemd-tmpfiles,
which would run on startup.

Change-Id: I27d168cea93698739ef08ac76c828695a49176c7
Closes-Bug: #1692767
2017-05-26 19:11:02 +03:00
Ian Wienand
f6a2d2cd4e Always restart apache
As described in [1], it seems that mod_wsgi is not "graceful" reload
safe.  Upon re-init, it can end up in a segfault loop.

The "reload" (not *restart*) after setting up uwsgi was added with
I1d89be1f1b36f26eaf543b99bde6fdc5701474fe but not causing an issue
until uwsgi was enabled.

We do not notice in the gate, because the TLS setup ends up doing a
restart after this setup.  In the period between the
write_uwsgi_config and that restart, Apache is sitting in a segfault
loop, but we never noticed because we don't try talking to it.  Other
jobs that don't do any further apache configuration have started
failing, however.

Looking at the original comments around "reload_apache_server" I'm not
sure if it is still necessary.  [2] shows it is not used outside these
two calls.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1445540
[2] http://codesearch.openstack.org/?q=reload_apache_server&i=nope&files=&repos=

Closes-Bug: #1686210
Change-Id: I5234bae0595efdcd30305a32bf9c121072a3625e
2017-04-26 11:09:59 +10:00
rabi
aa26baacb8 Create custom dir for uwsgi domain sockets
On Centos, apache has a private view of /tmp and thus can't see this
socket, causing keystone to fail. This happened after
I46294fb24e3c23fa19fcfd7d6c9ee8a932354702.

Move it to /var/run.

Closes-Bug: #1684360
Change-Id: I47f091656802719c259752454ec88bf50760b967
2017-04-21 10:42:27 +10:00
Chris Dent
2fcdaac56e Make a2dissite fail softly if the site is not enabled
a2dissite will return a non-zero error code if the site that is being
disabled is not currently enabled (that is, if the conf file for it does
not exist). This can happen during development if you've been messing
with files by hand. Rather than exploding out of a ./stack.sh, accept
the missing file as meaning "it's disabled" and carry one. The rpm
version of disable, which does not use a2dissite, does this already.

Change-Id: Ie5dfd42efdff4bdba5ffaa765af000dd8e1d596e
2017-04-18 16:54:12 +01:00
Sean Dague
6ed53156b6 Convert keystone to use uwsgi with the proxy
This makes keystone use the proxy uwsgi module when running in uwsgi
mode. It also introduces a new stackrc variable which is WSGI_MODE
that we can use to control the conditionals in services that current
work with mod_wsgi.

Also update retry timeouts on proxy pass so that workers don't disable
their connections during polling for initial activity.

Change-Id: I46294fb24e3c23fa19fcfd7d6c9ee8a932354702
2017-04-17 16:27:35 -04:00
Sean Dague
604e598e2a Install and enable apache uwsgi proxy
The uwsgi proxy version that comes with Ubuntu xenial is too old, so
we have to build it from source. This is a temporary solution until
the next LTS.

This lays the ground work for using it in keystone.

Change-Id: I00fb1759e6988c7df0ce0f3df5ff1ce9fd7cd381
2017-04-17 14:51:44 -04:00
Sean Dague
2f8c88e053 Factor out code to write uwsgi config files
Instead of this code all existing in keystone inline, factor out into
a dedicated set of functions, and make keystone use this. This drops
uwsgi supporting https directly, but that's not going to be a
supported model going forward once we get to proxy only anyway.

Change-Id: I1d89be1f1b36f26eaf543b99bde6fdc5701474fe
2017-04-14 15:41:02 -04:00
Sean Dague
2b85cf0f06 Just use normal restart for apache
We're now in a systemd world where systemd is managing the restart
effectively, there is no reason to be tricksy with apache now that
we're not working around weird upstartd issues.

Change-Id: Ifadfd504eb10a90db5177ea9180b9cd8331a2948
2017-04-14 15:41:02 -04:00
Sean Dague
8f8b274e60 Clean up apache 2.2 cruft from Ubuntu 12.04
All the apache 2.2 handling is obsolete now, as we don't support those
distros, so get rid of it.

Change-Id: I9c0f78af2b32afabb2c4264aebc92089c4694f91
2017-04-13 09:35:21 -04:00
Davanum Srinivas
afa8a00c14 Switch to python 3.5
Use trueorfalse to normalize the values for USE_PYTHON3

Install 3.5 instead of 3.4 When USE_PYTHON3 is specified.
Also, since not many packages are classified correctly, fallback
to looking for just "Programming Language :: Python :: 3" and
log a message for the package to highlight the problem.

Also special case some services that are *almost* ready

Depends-On: Id48e1b328230fcdf97ed1cb4b97f4c3f9cf6eb8a
Depends-On: Ib7d9aa0e0b74a936002e0eea0b3af05102b06a62
Change-Id: I243ea4b76f0d5ef57a03b5b0798a05468ee6de9b
2016-12-23 13:15:03 -05:00
Clark Boylan
cfb9f057ea Tune apache connections for tls proxy
We are seeing connection errors to the proxy occasionally. These errors
do not result in a logged http request or error to the backends,
resulting in a theory that the proxy itself may just not be able to
handle the number of connections. More than double the total number of
connections that will be accepted by the proxy in an attempt to fix
this.

Change-Id: Iefa6c43451dd1f95927528d2ce0003c84248847f
Related-bug: 1630664
2016-11-29 10:43:05 -08:00
Clark Boylan
66ce5c257a Update apache tls proxy logs
This creates log files per proxy vhost and sets the log level to info to
help debug potential issues with tls proxying.

Change-Id: I02a62224662b021b35c293909ba045b4b74e1df8
2016-10-05 16:25:53 -07:00
Gregory Haynes
4b49e409f8 Use apache for tls-proxy ssl termination
Stud is now abandonware (see https://github.com/bumptech/stud) and is
not packaged in xenial. Lets use Apache for SSL termination since its
there already.

Change-Id: Ifcba410f5969521e8b3d30f02795541c1661f83a
2016-09-20 08:14:11 -07:00
Atsushi SAKAI
2ca8af45a7 Add 5 time measurement points
run_process           process starting time
test_with_retry       process starting time (for neutron legacy)
restart_apache_server Apache HTTPD restart time
wait_for_service      HTTP server waiting time
git_timed             git command execution time

example

========================
DevStack Components Timed
========================

run_process - 52 secs
test_with_retry - 3 secs
apt-get-update - 8 secs
pip_install - 76 secs
restart_apache_server - 9 secs
wait_for_service - 11 secs
git_timed - 127 secs
apt-get - 15 secs

Change-Id: I66140726617450cd9fe9b702092cacf053a20065
2015-12-17 20:28:54 +09:00
Ian Wienand
523f488036 Namespace XTRACE commands
I noticed this when debugging some grenade issues failures.

An include of grenade/functions stores the current value of XTRACE
(on) and disables xtrace for the rest of the import.

We then include devstack's "functions" library, which now overwrites
the stored value of XTRACE the current state; i.e. disabled.

When it finishes it restores the prior state (disabled), and then
grenade restores the same value of XTRACE (disabled).

The result is that xtrace is incorrectly disabled until the next time
it just happens to be turned on.

The solution is to name-space the store of the current-value of xtrace
so when we finish sourcing a file, we always restore the tracing value
to what it was when we entered.

Some files had already discovered this.  In general there is
inconsistency around the setting of the variable, and a lot of obvious
copy-paste.  This brings consistency across all files by using
_XTRACE_* prefixes for the sotre/restore of tracing values.

Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695
2015-11-27 15:36:04 +11:00
Ian Wienand
ada886dd43 Don't mix declaration and set of locals
Ia0957b47187c3dcadd46154b17022c4213781112 proposes to have bashate
find instances of setting a local value.  The issue is that "local"
always returns 0, thus hiding any failure in the commands running to
set the variable.

This is an automated replacement of such instances

Depends-On: I676c805e8f0401f75cc5367eee83b3d880cdef81
Change-Id: I9c8912a8fd596535589b207d7fc553b9d951d3fe
2015-10-07 17:03:32 +11:00
Ian Wienand
144dbc62f8 Remove config_apache_wsgi mention
This has only ever appeared in
I3a5d1e511c5dca1e6d01a1adca8fda0a43d4f632 and has never been exported,
referenced, etc.

Remove it to avoid confusion
(e.g. Icfad40ee6998296727a95613199e5c2d87bd0a45)

Change-Id: Ic71e841f6f751ff43083e12ad734b9c84be7b645
2015-08-10 04:19:19 +00:00
Sean Dague
e263c82e48 add shebang lines to all lib files
With gerrit 2.8, and the new change screen, this will trigger syntax
highlighting in gerrit. Thus making reviewing code a lot nicer.

Change-Id: Id238748417ffab53e02d59413dba66f61e724383
2014-12-10 11:28:05 -05:00
Noboru Iwamatsu
b4495eb410 Use mod_version to clean-up apache version matching
This change uses mod_version (shipped by default on everything we care
about) to set-up version-specific config within apache rather than
within devstack scripts.

Clean up the horizon and keystone config file generation to use the
internal apache matching.

Since I6478db385fda2fa1c75ced12d3e886b2e1152852 the apache matching in
'functions' is actually duplicated.  just leave get_apache_version in
lib/apache as it is used for config-file name matching in there.

Change-Id: I6478db385fda2fa1c75ced12d3e886b2e1152852
2014-09-08 15:59:29 +10:00
Morgan Fainberg
d074dc7f7e Use the apache 2.4 ErrorLogFormat directive
Use the new ErrorLogFormat directive to make the Keystone logs
under Apache to look like the standard oslo log format.

Change-Id: Ie823abf2fa06b8ce22027c21bef455808a4a768e
2014-08-28 08:39:50 -07:00
Morgan Fainberg
2df0046fa7 Make apache restarts a little more forgiving
Apache sometimes is slow to release the port (from the kernel's
perspective) which can cause restarts of apache to fail due to the
requested port already being bound. This fix introduces a small sleep
between the stop and start to help make apache deployments a bit
more resilient.

Change-Id: I9697d71f3cb2d8d5da8fe7ffa8b3e1ade9d52afd
Closes-Bug: #1342256
2014-07-15 11:06:36 -07:00
Morgan Fainberg
46455a34d5 Update Apache + mod_wsgi deployment mechanisms
Added a global toggle for enabling HTTPD + mod_wsgi for services
that default deploy to running under Apache. When the variable
``ENABLE_HTTPD_MOD_WSGI_SERVICES`` is set to ``True`` any service
that recommends deploying under HTTPD + mod_wsgi, will be run
under Apache.

If ``ENABLE_HTTPD_MOD_WSGI_SERVICES`` is set to ``False`` the
any service that is defaulted to running under HTTPD + mod_wsgi
will (if capable) be run in an alternate deployment strategy (e.g.
eventlet).

Updated Swift and Keystone to have individual toggles for deploying
under HTTPD + mod_wsgi. This is done to allow for gate to run on
the services under mod_wsgi where appropriate. Toggles are
``KEYSTONE_USE_MOD_WSGI`` and ``SWIFT_USE_MOD_WSGI`` and are both
defaulted to "False" (do not deploy under HTTPD + mod_wsgi).

Change-Id: Id3b121b8f1cde369d184b586e0d875bdbda34813
2014-07-07 08:46:28 -07:00
Ralf Haferkamp
633a1290e5 Fix Apache Site configuration for openSUSE
We can use the mechnism as on Fedora for openSUSE.

Change-Id: Ic0d1734df3bdc9ec66e1592109b2d3770d6e0144
2014-06-16 14:10:05 +02:00
Dean Troyer
444a8d53ca Fix Apache site config handling on Fedora
Allow enable/disable_apache_sites() on Fedora to gracefully fail if the
config is not present.  This is primarily an issue when the config from
a previous run is not completely cleaned out (unstack.sh vs clean.sh).

Make APACHE_CONFIG_DIR fully qualified and overrideable in local.conf.

Also fix Horizon's handling of its Apache config file to be removed
in clean.sh.

Change-Id: I78a5de579dd3b02fa2e4e7e00ac0aabe71b531ad
2014-06-06 16:52:20 -05:00
Gabriel Assis Bezerra
a688bc6510 Fix the way Apache site configuration files are used, to improve OS portability
On Ubuntu 14.04, the site configuration file must have a .conf suffix for a2ensite and a2dissite to
recognise it. a2ensite and a2dissite ignore the .conf suffix used as parameter. The default sites'
files are 000-default.conf and default-ssl.conf.

On Ubuntu 12.04, the site configuration file may have any format, as long as it is in
/etc/apache2/sites-available/. a2ensite and a2dissite need the entire file name to work. The default
sites' files are default and default-ssl.

On Fedora, any file in /etc/httpd/conf.d/ whose name ends with .conf is enabled.

On RHEL and CentOS, things should hopefully work as in Fedora.

This change puts all distribution-related site configuration file name differences in lib/apache and
the other services gets the file name for its sites using the new exported function
apache_site_config_for <sitename>.

It also makes Fedora disabled sites use the .conf.disabled suffix instead of removing the .conf from
the file name.

The table below summarizes what should happen on each distribution:
+----------------------+--------------------+--------------------------+--------------------------+
| Distribution         | File name          | Site enabling command    | Site disabling command   |
+----------------------+--------------------+--------------------------+--------------------------+
| Ubuntu 12.04         | site               | a2ensite site            | a2dissite site           |
| Ubuntu 14.04         | site.conf          | a2ensite site            | a2dissite site           |
| Fedora, RHEL, CentOS | site.conf.disabled | mv site.conf{.disabled,} | mv site.conf{,.disabled} |
+----------------------+--------------------+--------------------------+--------------------------+

Change-Id: Ia2ba3cb7caccb6e9b65380f9d51d9d21180b894e
Closes-bug: #1313765
2014-05-30 12:07:24 +00:00
Ian Wienand
aee18c749b Enforce function declaration format in bash8
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check.  Add a note to HACKING.rst

Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938
2014-02-28 07:59:03 +11:00
Dean Troyer
d8864feae9 Fix shocco errors
Clean up comments to fix errors seen while processing with shocco

Change-Id: I0e97ad27613313f03e47c107051ea93b115d4744
2014-02-17 11:18:12 -06:00
Stephan Renatus
e578effb33 Make use of STACK_USER instead of relying on USER
Quite easily one ends up calling ./stack.sh in an environment that,
albeit being user "stack" (for example), doesn't quite meet the
expectations of devstack.  The errors that follow can be rather hard to
track down, as the dependency on `USER` is not mentioned.

To remedy this situation, this commit

- uses STACK_USER instead of USER and
- mentions that dependency in the script headers of lib/*

Change-Id: If4cdc39b922ea64b4c0893a0e695ec06349fccc5
2013-11-19 13:39:58 +01:00
Adam Spiers
6a5aa7c6a2 Fix some Markdown formatting issues
Address miscellaneous issues with Markdown formatting in comments which
are consumed by shocco when generating the online documentation.

Change-Id: I953075cdbddbf1f119c6c7e35f039e2e54b79078
2013-10-24 17:38:19 +01:00
Jamie Lennox
5470701e10 Fix swift httpd on fedora
Implements a fedora equivalent of ubuntu's sites-enabled and moves
enabling of mod_wsgi to the installation period so that it doesn't have
to be handled in a platform dependant way later.

Fixes: bug 1226363
Change-Id: I85325179f1792d985b0375572abfe8c8a82fecc3
2013-09-24 10:48:01 +10:00
Jamie Lennox
5a3d770793 Remove change_apache_user_group function
This function allowed you to change the process running user for all of
apache. This is better handled on a per-process basis.

Change-Id: I165adc0c49fc328f34835856b49983c4e189f143
Fixes: bug 1226346
Fixes: bug 1225853
2013-09-17 11:45:32 +10:00
zhang-hare
d98a5d0a58 enable apache2 server as front end for swift
1.install apache and wsgi module
2.config apache2 vhost and wsgi files for proxy,
account, container and object server.
3.refactor apache functions from horizon and swift
into lib/apache

Change-Id: I3a5d1e511c5dca1e6d01a1adca8fda0a43d4f632
Implements: blueprint enable-apache-frontend-for-swift
2013-07-29 11:15:21 +08:00