Properly notify apache restarts on configuration updates
This uses edit_resource to add a notification in the nova-api, nova-api-metadata and nova-placement-api apache configurations when one of them gets updated. This is a workaround due to the fact we are using a version of the apache2 cookbook that is still using definitions and cannot add notifications with definitions. This is intended to ensure we only restart apache when the configuration is updated. Otherwise, the old behaviour was to restart apache on every run which is problematic in production environments. I have been using this in our production wrapper cookbook for the past year or so without any issue. This will be removed in the Stein release when we migrate to the newer apache2 cookbook which uses proper resources. Also amend the Berksfile to point to the new opendev.org location. Change-Id: I55e6ea4124017e0f44f92f6a2fb01baad5a27555 Signed-off-by: Lance Albertson <lance@osuosl.org>
This commit is contained in:
parent
ff074af903
commit
82c5b9a243
|
@ -4,11 +4,11 @@ source 'https://supermarket.chef.io'
|
|||
if Dir.exist?("../cookbook-openstack-#{cookbook}")
|
||||
cookbook "openstack-#{cookbook}", path: "../cookbook-openstack-#{cookbook}"
|
||||
else
|
||||
cookbook "openstack-#{cookbook}", git: "https://git.openstack.org/openstack/cookbook-openstack-#{cookbook}"
|
||||
cookbook "openstack-#{cookbook}", git: "https://opendev.org/openstack/cookbook-openstack-#{cookbook}"
|
||||
end
|
||||
end
|
||||
|
||||
cookbook 'openstackclient',
|
||||
git: 'https://git.openstack.org/openstack/cookbook-openstackclient'
|
||||
git: 'https://opendev.org/openstack/cookbook-openstackclient'
|
||||
|
||||
metadata
|
||||
|
|
|
@ -49,6 +49,7 @@ template '/etc/nova/api-paste.ini' do
|
|||
owner node['openstack']['compute']['user']
|
||||
group node['openstack']['compute']['group']
|
||||
mode 0o0644
|
||||
notifies :run, 'execute[Clear nova-metadata apache restart]', :immediately
|
||||
end
|
||||
|
||||
service 'nova-api-metadata' do
|
||||
|
@ -79,8 +80,19 @@ web_app 'nova-metadata' do
|
|||
ciphers node['openstack']['compute']['metadata']['ssl']['ciphers']
|
||||
end
|
||||
|
||||
# Hack until Apache cookbook has lwrp's for proper use of notify restart
|
||||
# apache2 after keystone if completely configured. Whenever a nova
|
||||
# config is updated, have it notify the resource which clears the lock
|
||||
# so the service can be restarted.
|
||||
# TODO(ramereth): This should be removed once this cookbook is updated
|
||||
# to use the newer apache2 cookbook which uses proper resources.
|
||||
edit_resource(:template, "#{node['apache']['dir']}/sites-available/nova-metadata.conf") do
|
||||
notifies :run, 'execute[Clear nova-metadata apache restart]', :immediately
|
||||
end
|
||||
|
||||
execute 'nova-metadata apache restart' do
|
||||
command 'uname'
|
||||
command "touch #{Chef::Config[:file_cache_path]}/nova-metadata-apache-restarted"
|
||||
creates "#{Chef::Config[:file_cache_path]}/nova-metadata-apache-restarted"
|
||||
notifies :run, 'execute[nova-metadata: restore-selinux-context]', :immediately
|
||||
notifies :restart, 'service[apache2]', :immediately
|
||||
end
|
||||
|
|
|
@ -49,6 +49,7 @@ template '/etc/nova/api-paste.ini' do
|
|||
owner nova_user
|
||||
group nova_group
|
||||
mode 0o0644
|
||||
notifies :run, 'execute[Clear nova-api apache restart]', :immediately
|
||||
end
|
||||
|
||||
execute 'nova-manage api_db sync' do
|
||||
|
@ -89,8 +90,19 @@ end
|
|||
|
||||
include_recipe 'openstack-compute::_nova_cell'
|
||||
|
||||
# Hack until Apache cookbook has lwrp's for proper use of notify restart
|
||||
# apache2 after keystone if completely configured. Whenever a nova
|
||||
# config is updated, have it notify the resource which clears the lock
|
||||
# so the service can be restarted.
|
||||
# TODO(ramereth): This should be removed once this cookbook is updated
|
||||
# to use the newer apache2 cookbook which uses proper resources.
|
||||
edit_resource(:template, "#{node['apache']['dir']}/sites-available/nova-api.conf") do
|
||||
notifies :run, 'execute[Clear nova-api apache restart]', :immediately
|
||||
end
|
||||
|
||||
execute 'nova-api apache restart' do
|
||||
command 'uname'
|
||||
command "touch #{Chef::Config[:file_cache_path]}/nova-api-apache-restarted"
|
||||
creates "#{Chef::Config[:file_cache_path]}/nova-api-apache-restarted"
|
||||
notifies :run, 'execute[nova-api: restore-selinux-context]', :immediately
|
||||
notifies :restart, 'service[apache2]', :immediately
|
||||
end
|
||||
|
|
|
@ -193,6 +193,21 @@ end
|
|||
# merge all config options and secrets to be used in nova.conf
|
||||
nova_conf_options = merge_config_options 'compute'
|
||||
|
||||
execute 'Clear nova-api apache restart' do
|
||||
command "rm -f #{Chef::Config[:file_cache_path]}/nova-api-apache-restarted"
|
||||
action :nothing
|
||||
end
|
||||
|
||||
execute 'Clear nova-metadata apache restart' do
|
||||
command "rm -f #{Chef::Config[:file_cache_path]}/nova-metadata-apache-restarted"
|
||||
action :nothing
|
||||
end
|
||||
|
||||
execute 'Clear nova-placement-api apache restart' do
|
||||
command "rm -f #{Chef::Config[:file_cache_path]}/nova-placement-api-apache-restarted"
|
||||
action :nothing
|
||||
end
|
||||
|
||||
template '/etc/nova/nova.conf' do
|
||||
source 'openstack-service.conf.erb'
|
||||
cookbook 'openstack-common'
|
||||
|
@ -204,6 +219,9 @@ template '/etc/nova/nova.conf' do
|
|||
# with the glance_api_servers configuration option...
|
||||
service_config: nova_conf_options
|
||||
)
|
||||
notifies :run, 'execute[Clear nova-api apache restart]', :immediately
|
||||
notifies :run, 'execute[Clear nova-metadata apache restart]', :immediately
|
||||
notifies :run, 'execute[Clear nova-placement-api apache restart]', :immediately
|
||||
end
|
||||
|
||||
# delete all secrets saved in the attribute
|
||||
|
|
|
@ -71,3 +71,19 @@ execute 'placement-api: nova-manage api_db sync' do
|
|||
command 'nova-manage api_db sync'
|
||||
action :run
|
||||
end
|
||||
|
||||
# Hack until Apache cookbook has lwrp's for proper use of notify restart
|
||||
# apache2 after keystone if completely configured. Whenever a nova
|
||||
# config is updated, have it notify the resource which clears the lock
|
||||
# so the service can be restarted.
|
||||
# TODO(ramereth): This should be removed once this cookbook is updated
|
||||
# to use the newer apache2 cookbook which uses proper resources.
|
||||
edit_resource(:template, "#{node['apache']['dir']}/sites-available/nova-placement-api.conf") do
|
||||
notifies :run, 'execute[Clear nova-placement-api apache restart]', :immediately
|
||||
end
|
||||
|
||||
execute 'nova-placement-api apache restart' do
|
||||
command "touch #{Chef::Config[:file_cache_path]}/nova-placement-api-apache-restarted"
|
||||
creates "#{Chef::Config[:file_cache_path]}/nova-placement-api-apache-restarted"
|
||||
notifies :restart, 'service[apache2]', :immediately
|
||||
end
|
||||
|
|
|
@ -24,5 +24,33 @@ describe 'openstack-compute::api-metadata' do
|
|||
it 'stops metadata api now' do
|
||||
expect(chef_run).to stop_service 'nova-api-metadata'
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to nothing_execute('Clear nova-metadata apache restart')
|
||||
.with(
|
||||
command: 'rm -f /var/chef/cache/nova-metadata-apache-restarted'
|
||||
)
|
||||
end
|
||||
%w(
|
||||
/etc/nova/nova.conf
|
||||
/etc/nova/api-paste.ini
|
||||
/etc/httpd/sites-available/nova-metadata.conf
|
||||
).each do |f|
|
||||
it "#{f} notifies execute[Clear nova-metadata apache restart]" do
|
||||
expect(chef_run.template(f)).to notify('execute[Clear nova-metadata apache restart]').to(:run).immediately
|
||||
end
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to run_execute('nova-metadata apache restart')
|
||||
.with(
|
||||
command: 'touch /var/chef/cache/nova-metadata-apache-restarted',
|
||||
creates: '/var/chef/cache/nova-metadata-apache-restarted'
|
||||
)
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-metadata apache restart')).to notify('execute[nova-metadata: restore-selinux-context]').to(:run).immediately
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-metadata apache restart')).to notify('service[apache2]').to(:restart).immediately
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -25,5 +25,33 @@ describe 'openstack-compute::api-metadata' do
|
|||
it 'stop metadata api now' do
|
||||
expect(chef_run).to stop_service 'nova-api-metadata'
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to nothing_execute('Clear nova-metadata apache restart')
|
||||
.with(
|
||||
command: 'rm -f /var/chef/cache/nova-metadata-apache-restarted'
|
||||
)
|
||||
end
|
||||
%w(
|
||||
/etc/nova/nova.conf
|
||||
/etc/nova/api-paste.ini
|
||||
/etc/apache2/sites-available/nova-metadata.conf
|
||||
).each do |f|
|
||||
it "#{f} notifies execute[Clear nova-metadata apache restart]" do
|
||||
expect(chef_run.template(f)).to notify('execute[Clear nova-metadata apache restart]').to(:run).immediately
|
||||
end
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to run_execute('nova-metadata apache restart')
|
||||
.with(
|
||||
command: 'touch /var/chef/cache/nova-metadata-apache-restarted',
|
||||
creates: '/var/chef/cache/nova-metadata-apache-restarted'
|
||||
)
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-metadata apache restart')).to notify('execute[nova-metadata: restore-selinux-context]').to(:run).immediately
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-metadata apache restart')).to notify('service[apache2]').to(:restart).immediately
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -32,5 +32,33 @@ describe 'openstack-compute::api-os-compute' do
|
|||
it 'stops openstack api now' do
|
||||
expect(chef_run).to stop_service 'openstack-nova-api'
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to nothing_execute('Clear nova-api apache restart')
|
||||
.with(
|
||||
command: 'rm -f /var/chef/cache/nova-api-apache-restarted'
|
||||
)
|
||||
end
|
||||
%w(
|
||||
/etc/nova/nova.conf
|
||||
/etc/nova/api-paste.ini
|
||||
/etc/httpd/sites-available/nova-api.conf
|
||||
).each do |f|
|
||||
it "#{f} notifies execute[Clear nova-api apache restart]" do
|
||||
expect(chef_run.template(f)).to notify('execute[Clear nova-api apache restart]').to(:run).immediately
|
||||
end
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to run_execute('nova-api apache restart')
|
||||
.with(
|
||||
command: 'touch /var/chef/cache/nova-api-apache-restarted',
|
||||
creates: '/var/chef/cache/nova-api-apache-restarted'
|
||||
)
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-api apache restart')).to notify('execute[nova-api: restore-selinux-context]').to(:run).immediately
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-api apache restart')).to notify('service[apache2]').to(:restart).immediately
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -33,5 +33,33 @@ describe 'openstack-compute::api-os-compute' do
|
|||
it 'stops openstack api now' do
|
||||
expect(chef_run).to stop_service 'nova-api-os-compute'
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to nothing_execute('Clear nova-api apache restart')
|
||||
.with(
|
||||
command: 'rm -f /var/chef/cache/nova-api-apache-restarted'
|
||||
)
|
||||
end
|
||||
%w(
|
||||
/etc/nova/nova.conf
|
||||
/etc/nova/api-paste.ini
|
||||
/etc/apache2/sites-available/nova-api.conf
|
||||
).each do |f|
|
||||
it "#{f} notifies execute[Clear nova-api apache restart]" do
|
||||
expect(chef_run.template(f)).to notify('execute[Clear nova-api apache restart]').to(:run).immediately
|
||||
end
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to run_execute('nova-api apache restart')
|
||||
.with(
|
||||
command: 'touch /var/chef/cache/nova-api-apache-restarted',
|
||||
creates: '/var/chef/cache/nova-api-apache-restarted'
|
||||
)
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-api apache restart')).to notify('execute[nova-api: restore-selinux-context]').to(:run).immediately
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-api apache restart')).to notify('service[apache2]').to(:restart).immediately
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -364,7 +364,8 @@ describe 'openstack-compute::nova-common' do
|
|||
it 'enables nova login' do
|
||||
expect(chef_run).to run_execute('usermod -s /bin/sh nova')
|
||||
end
|
||||
it do
|
||||
|
||||
it 'cleans up conf_secrets' do
|
||||
expect(chef_run).to run_ruby_block("delete all attributes in node['openstack']['compute']['conf_secrets']")
|
||||
end
|
||||
end
|
||||
|
|
|
@ -30,5 +30,29 @@ describe 'openstack-compute::placement_api' do
|
|||
it 'disables nova-placement-api service' do
|
||||
expect(chef_run).to disable_service 'disable nova-placement-api service'
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to nothing_execute('Clear nova-placement-api apache restart')
|
||||
.with(
|
||||
command: 'rm -f /var/chef/cache/nova-placement-api-apache-restarted'
|
||||
)
|
||||
end
|
||||
%w(
|
||||
/etc/nova/nova.conf
|
||||
/etc/apache2/sites-available/nova-placement-api.conf
|
||||
).each do |f|
|
||||
it "#{f} notifies execute[Clear nova-placement-api apache restart]" do
|
||||
expect(chef_run.template(f)).to notify('execute[Clear nova-placement-api apache restart]').to(:run).immediately
|
||||
end
|
||||
end
|
||||
it do
|
||||
expect(chef_run).to run_execute('nova-placement-api apache restart')
|
||||
.with(
|
||||
command: 'touch /var/chef/cache/nova-placement-api-apache-restarted',
|
||||
creates: '/var/chef/cache/nova-placement-api-apache-restarted'
|
||||
)
|
||||
end
|
||||
it do
|
||||
expect(chef_run.execute('nova-placement-api apache restart')).to notify('service[apache2]').to(:restart).immediately
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -12,6 +12,7 @@ RSpec.configure do |config|
|
|||
config.color = true
|
||||
config.formatter = :documentation
|
||||
config.log_level = :fatal
|
||||
config.file_cache_path = '/var/chef/cache'
|
||||
end
|
||||
|
||||
REDHAT_OPTS = {
|
||||
|
@ -21,7 +22,6 @@ REDHAT_OPTS = {
|
|||
UBUNTU_OPTS = {
|
||||
platform: 'ubuntu',
|
||||
version: '16.04',
|
||||
file_cache_path: Chef::Config[:file_cache_path],
|
||||
}.freeze
|
||||
|
||||
shared_context 'compute_stubs' do
|
||||
|
@ -140,7 +140,7 @@ shared_examples 'expect_creates_nova_lock_dir' do
|
|||
end
|
||||
|
||||
shared_examples 'expect_creates_nova_instances_dir' do
|
||||
it 'creates the /var/lib/nova/lock directory' do
|
||||
it 'creates the /var/lib/nova/instances directory' do
|
||||
expect(chef_run).to create_directory('/var/lib/nova/instances').with(
|
||||
user: 'nova',
|
||||
group: 'nova',
|
||||
|
|
Loading…
Reference in New Issue