diff --git a/openstack_operator/ceilometer.py b/openstack_operator/ceilometer.py index aed284a1..e6bcc79a 100644 --- a/openstack_operator/ceilometer.py +++ b/openstack_operator/ceilometer.py @@ -25,10 +25,9 @@ def create_or_resume(spec): """Create or start-up Ceilometer.""" config_hash = utils.generate_hash(spec) - env = utils.get_uwsgi_env() utils.create_or_update('ceilometer/secret.yml.j2', spec=spec) utils.create_or_update('ceilometer/deployment-agent-notification.yml.j2', - spec=spec, env=env, + spec=spec, config_hash=config_hash) utils.create_or_update('ceilometer/horizontalpodautoscaler.yml.j2') diff --git a/openstack_operator/heat.py b/openstack_operator/heat.py index e28d6bc2..9996325b 100644 --- a/openstack_operator/heat.py +++ b/openstack_operator/heat.py @@ -30,12 +30,11 @@ def create_or_resume(name, spec, **_): start the service up for the first time. """ - env = utils.get_uwsgi_env() config_hash = utils.generate_hash(spec) for component in ("api", "api-cfn"): utils.create_or_update('heat/deployment.yml.j2', name=name, spec=spec, - component=component, env=env, + component=component, config_hash=config_hash) utils.create_or_update('heat/service.yml.j2', name=name, component=component) diff --git a/openstack_operator/horizon.py b/openstack_operator/horizon.py index 35095932..faa525d2 100644 --- a/openstack_operator/horizon.py +++ b/openstack_operator/horizon.py @@ -43,10 +43,10 @@ def create_or_resume(name, spec, **_): config = utils.create_or_update('horizon/configmap.yml.j2', name=name, spec=spec) config_hash = utils.generate_hash(config.obj['data']) - env = utils.get_uwsgi_env() + utils.create_or_update('horizon/deployment.yml.j2', config_hash=config_hash, name=name, - spec=spec, env=env) + spec=spec) utils.create_or_update('horizon/service.yml.j2', name=name, spec=spec) utils.create_or_update('horizon/memcached.yml.j2', @@ -67,10 +67,10 @@ def update(name, spec, **_): config = utils.create_or_update('horizon/configmap.yml.j2', name=name, spec=spec) config_hash = utils.generate_hash(config.obj['data']) - env = utils.get_uwsgi_env() + utils.create_or_update('horizon/deployment.yml.j2', config_hash=config_hash, name=name, - spec=spec, env=env) + spec=spec) if "ingress" in spec: utils.create_or_update('horizon/ingress.yml.j2', name=name, spec=spec) diff --git a/openstack_operator/keystone.py b/openstack_operator/keystone.py index ff7d0cc0..3bc44cfc 100644 --- a/openstack_operator/keystone.py +++ b/openstack_operator/keystone.py @@ -92,7 +92,7 @@ def create_or_resume(name, spec, **_): This function is called when a new resource is created but also when we start the service up for the first time. """ - env = utils.get_uwsgi_env() + config_hash = utils.generate_hash(spec) conn = utils.get_openstack_connection() auth_url = conn.config.auth["auth_url"] @@ -109,7 +109,7 @@ def create_or_resume(name, spec, **_): # (TODO)Replace the current admin url utils.create_or_update('keystone/deployment.yml.j2', name=name, spec=spec, - env=env, config_hash=config_hash) + config_hash=config_hash) utils.create_or_update('keystone/service.yml.j2', name=name, spec=spec) utils.create_or_update('keystone/horizontalpodautoscaler.yml.j2', diff --git a/openstack_operator/magnum.py b/openstack_operator/magnum.py index b08f4d25..b59fd488 100644 --- a/openstack_operator/magnum.py +++ b/openstack_operator/magnum.py @@ -31,13 +31,9 @@ def create_or_resume(name, spec, **_): config_hash = utils.generate_hash(spec) for component in ("api", "conductor"): - if component == "api": - env = utils.get_uwsgi_env() - else: - env = {} utils.create_or_update('magnum/deployment.yml.j2', name=name, spec=spec, - component=component, env=env, + component=component, config_hash=config_hash) utils.create_or_update('magnum/horizontalpodautoscaler.yml.j2', name=name, component=component) diff --git a/openstack_operator/operator.py b/openstack_operator/operator.py index 8bc4f885..b3051ec3 100644 --- a/openstack_operator/operator.py +++ b/openstack_operator/operator.py @@ -51,6 +51,7 @@ def deploy(name, namespace, new, **_): """ utils.create_or_update('operator/namespace.yml.j2') + utils.create_or_update('operator/uwsgidefaultconfig.yml.j2') config = utils.to_dict(new['data']['operator-config.yaml']) diff --git a/openstack_operator/templates/ceilometer/deployment-agent-notification.yml.j2 b/openstack_operator/templates/ceilometer/deployment-agent-notification.yml.j2 index f0a03098..a1476a68 100644 --- a/openstack_operator/templates/ceilometer/deployment-agent-notification.yml.j2 +++ b/openstack_operator/templates/ceilometer/deployment-agent-notification.yml.j2 @@ -39,6 +39,8 @@ spec: volumeMounts: - name: ceilometer-config mountPath: /etc/ceilometer + - name: uwsgi-config + mountPath: /etc/uwsgi resources: limits: cpu: 1000m @@ -54,10 +56,12 @@ spec: env: - name: "DATABASE_URI" value: "{{ spec.dbUri }}" + {% if env is defined %} {% for v in env %} - name: "{{ v.name }}" value: "{{ v.value }}" {% endfor %} + {% endif %} resources: limits: cpu: 100m @@ -71,6 +75,10 @@ spec: - name: ceilometer-config secret: secretName: ceilometer-config + - name: uwsgi-config + configMap: + defaultMode: 420 + name: uwsgi-default securityContext: runAsUser: 65534 runAsGroup: 65534 diff --git a/openstack_operator/templates/heat/deployment.yml.j2 b/openstack_operator/templates/heat/deployment.yml.j2 index e76499c7..e19193d7 100644 --- a/openstack_operator/templates/heat/deployment.yml.j2 +++ b/openstack_operator/templates/heat/deployment.yml.j2 @@ -98,11 +98,17 @@ spec: volumeMounts: - mountPath: /etc/heat name: config + - name: uwsgi-config + mountPath: /etc/uwsgi volumes: - name: config hostPath: path: {{ spec['configDir'] }} type: Directory + - name: uwsgi-config + configMap: + defaultMode: 420 + name: uwsgi-default {% if 'nodeSelector' in spec %} nodeSelector: {{ spec.nodeSelector | to_yaml | indent(8) }} diff --git a/openstack_operator/templates/horizon/deployment.yml.j2 b/openstack_operator/templates/horizon/deployment.yml.j2 index d2e13721..e287bb82 100644 --- a/openstack_operator/templates/horizon/deployment.yml.j2 +++ b/openstack_operator/templates/horizon/deployment.yml.j2 @@ -37,10 +37,12 @@ spec: image: vexxhost/horizon:latest imagePullPolicy: Always env: + {% if env is defined %} {% for v in env %} - name: "{{ v.name }}" value: "{{ v.value }}" {% endfor %} + {% endif %} - name: SECRET_KEY valueFrom: secretKeyRef: @@ -74,6 +76,8 @@ spec: volumeMounts: - name: config mountPath: /etc/horizon + - name: uwsgi-config + mountPath: /etc/uwsgi {% if 'logo' in spec %} - name: logo mountPath: /usr/local/lib/python3.7/site-packages/static/dashboard/img/logo.svg @@ -90,6 +94,10 @@ spec: configMap: defaultMode: 420 name: horizon + - name: uwsgi-config + configMap: + defaultMode: 420 + name: uwsgi-default {% if 'logo' in spec %} - name: logo configMap: diff --git a/openstack_operator/templates/keystone/deployment.yml.j2 b/openstack_operator/templates/keystone/deployment.yml.j2 index 91b7af4f..47bbe340 100644 --- a/openstack_operator/templates/keystone/deployment.yml.j2 +++ b/openstack_operator/templates/keystone/deployment.yml.j2 @@ -99,11 +99,13 @@ spec: - name: keystone image: vexxhost/keystone:latest imagePullPolicy: Always + {% if env is defined %} env: {% for v in env %} - name: "{{ v.name }}" value: "{{ v.value }}" {% endfor %} + {% endif %} ports: - name: keystone protocol: TCP @@ -139,6 +141,8 @@ spec: mountPath: /etc/keystone/fernet-keys - name: credential-keys mountPath: /etc/keystone/credential-keys + - name: uwsgi-config + mountPath: /etc/uwsgi volumes: - name: config secret: @@ -149,6 +153,10 @@ spec: - name: credential-keys secret: secretName: keystone-credential + - name: uwsgi-config + configMap: + defaultMode: 420 + name: uwsgi-default {% if 'nodeSelector' in spec %} nodeSelector: {{ spec.nodeSelector | to_yaml | indent(8) }} diff --git a/openstack_operator/templates/magnum/deployment.yml.j2 b/openstack_operator/templates/magnum/deployment.yml.j2 index 7ceb8fa6..632cf8e0 100644 --- a/openstack_operator/templates/magnum/deployment.yml.j2 +++ b/openstack_operator/templates/magnum/deployment.yml.j2 @@ -91,11 +91,17 @@ spec: volumeMounts: - mountPath: /etc/magnum name: config + - name: uwsgi-config + mountPath: /etc/uwsgi volumes: - name: config hostPath: path: {{ spec['configDir'] }} type: Directory + - name: uwsgi-config + configMap: + defaultMode: 420 + name: uwsgi-default {% if 'nodeSelector' in spec %} nodeSelector: {{ spec.nodeSelector | to_yaml | indent(8) }} diff --git a/openstack_operator/templates/operator/uwsgidefaultconfig.yml.j2 b/openstack_operator/templates/operator/uwsgidefaultconfig.yml.j2 new file mode 100644 index 00000000..5fc18eeb --- /dev/null +++ b/openstack_operator/templates/operator/uwsgidefaultconfig.yml.j2 @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: uwsgi-default + namespace: openstack +data: + uwsgi.yaml: | + uwsgi: + enable-threads: True + processes: '%k' + exit-on-reload: True + die-on-term: True + lazy-apps: True + add-header: 'Connection: close' + buffer-size: 65535 + thunder-lock: True + http-auto-chunked: True + http-raw-body: True + socket-timeout: 10 + need-app: True + route-user-agent: '^kube-probe.* donotlog:' + log-x-forwarded-for: True diff --git a/openstack_operator/utils.py b/openstack_operator/utils.py index 95f61e3d..1f6e3ffc 100644 --- a/openstack_operator/utils.py +++ b/openstack_operator/utils.py @@ -36,23 +36,6 @@ from openstack_operator import objects DIR_PATH = os.path.dirname(os.path.realpath(__file__)) -UWSGI_SETTINGS = { - 'UWSGI_ENABLE_THREADS': True, - 'UWSGI_PROCESSES': 2, - 'UWSGI_EXIT_ON_RELOAD': True, - 'UWSGI_DIE_ON_TERM': True, - 'UWSGI_LAZY_APPS': True, - 'UWSGI_ADD_HEADER': 'Connection: close', - 'UWSGI_BUFFER_SIZE': 65535, - 'UWSGI_THUNDER_LOCK': True, - 'UWSGI_AUTO_CHUNCKED': True, - 'UWSGI_HTTP_RAW_BODY': True, - 'UWSGI_SOCKET_TIMEOUT': 10, - 'UWSGI_NEED_APP': True, - 'UWSGI_ROUTE_USER_AGENT': '^kube-probe.* donotlog:', - 'UWSGI_LOG_X_FORWARDED_FOR': True, -} - VERSION = version.VersionInfo('openstack_operator').version_string() @@ -229,14 +212,6 @@ def generate_hash(dictionary): return hash(json.dumps(dictionary)) -def get_uwsgi_env(): - """Generate k8s env list from UWSGI_SETTINGS dict""" - res = [] - for key, value in UWSGI_SETTINGS.items(): - res.append({'name': key, 'value': value}) - return res - - def get_configmap(namespace, name): """Retrieve a configmap from Kubernetes.