From 31cddcd7623517117ccbc126b14c850b7acc8c24 Mon Sep 17 00:00:00 2001
From: Steve Lewis <stevelle@gmail.com>
Date: Wed, 14 Sep 2016 10:45:09 -0700
Subject: [PATCH] Serve the ceilometer-api using mod_wsgi

With the dependent change merged Ceilometer API will no longer run
without a stand-alone wsgi engine. It is too late in the cycle right
now to bring over changes for nginx and/or uwsgi for this project so
only this deployment option is being supported at this time.

Change-Id: I3cff6b183feae3c346cd56602d7b733a6dd9a01b
Depends-On: I8812ea1a92d6dc7f41a490e971bb7a09dee9b304
---
 defaults/main.yml                             |  7 +++
 handlers/main.yml                             | 17 ++---
 ...-ceilometer-api-init-a4bfc4cbabcbcb16.yaml |  4 ++
 tasks/ceilometer_apache.yml                   | 63 +++++++++++++++++++
 tasks/ceilometer_init.yml                     |  9 ---
 tasks/ceilometer_post_install.yml             | 14 ++++-
 tasks/ceilometer_pre_install.yml              | 11 ++++
 tasks/main.yml                                |  7 +++
 templates/ceilometer-api-wsgi.py.j2           | 22 +++++++
 templates/ceilometer-httpd.conf.j2            | 16 +++++
 templates/ceilometer-ports.conf.j2            |  3 +
 vars/ubuntu-14.04.yml                         |  5 ++
 vars/ubuntu-16.04.yml                         |  5 ++
 13 files changed, 166 insertions(+), 17 deletions(-)
 create mode 100644 releasenotes/notes/removed-ceilometer-api-init-a4bfc4cbabcbcb16.yaml
 create mode 100644 tasks/ceilometer_apache.yml
 create mode 100644 templates/ceilometer-api-wsgi.py.j2
 create mode 100644 templates/ceilometer-httpd.conf.j2
 create mode 100644 templates/ceilometer-ports.conf.j2

diff --git a/defaults/main.yml b/defaults/main.yml
index 1527a9ca..8eeaa5ee 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -57,6 +57,13 @@ ceilometer_db_ip: localhost
 ceilometer_db_port: 27017
 ceilometer_connection_string: "{{ ceilometer_db_type }}://{{ ceilometer_database_user }}:{{ ceilometer_container_db_password }}@{{ ceilometer_db_ip }}:{{ ceilometer_db_port }}/{{ ceilometer_database_name }}"
 
+## Apache setup
+ceilometer_apache_log_level: info
+ceilometer_apache_servertokens: "Prod"
+ceilometer_apache_serversignature: "Off"
+ceilometer_wsgi_threads: 10
+ceilometer_wsgi_processes: "{{ ansible_processor_vcpus | default (1) * 2 }}"
+
 ## RabbitMQ info
 
 ## Configuration for RPC communications
diff --git a/handlers/main.yml b/handlers/main.yml
index eeebe41a..77b973dd 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -13,13 +13,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-- name: Restart ceilometer api
-  service:
-    name: "{{ ceilometer_api_program_name }}"
-    state: "restarted"
-    pattern: "{{ ceilometer_api_program_name }}"
-
-
 - name: Restart ceilometer collector
   service:
     name: "{{ ceilometer_collector_program_name }}"
@@ -45,3 +38,13 @@
     pattern: "{{ item }}"
   with_items: "{{ ceilometer_service_names }}"
   failed_when: false
+
+- name: Restart Apache
+  service:
+    name: "apache2"
+    state: "restarted"
+    pattern: "apache2"
+  register: apache_restart
+  until: apache_restart|success
+  retries: 5
+  delay: 2
diff --git a/releasenotes/notes/removed-ceilometer-api-init-a4bfc4cbabcbcb16.yaml b/releasenotes/notes/removed-ceilometer-api-init-a4bfc4cbabcbcb16.yaml
new file mode 100644
index 00000000..3caf93cb
--- /dev/null
+++ b/releasenotes/notes/removed-ceilometer-api-init-a4bfc4cbabcbcb16.yaml
@@ -0,0 +1,4 @@
+---
+upgrade:
+  - The ``ceilometer-api`` init service is removed since ``ceilometer-api`` is
+    deployed as an apache ``mod_wsgi`` service.
diff --git a/tasks/ceilometer_apache.yml b/tasks/ceilometer_apache.yml
new file mode 100644
index 00000000..7896cced
--- /dev/null
+++ b/tasks/ceilometer_apache.yml
@@ -0,0 +1,63 @@
+---
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Drop apache2 virtual host and ports file
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    owner: "root"
+    group: "root"
+  with_items:
+    - { src: "ceilometer-ports.conf.j2", dest: "/etc/apache2/ports.conf" }
+    - { src: "ceilometer-httpd.conf.j2", dest: "/etc/apache2/sites-available/ceilometer-httpd.conf" }
+  notify:
+    - Restart Apache
+
+- name: Disable default apache site
+  file:
+    path: "/etc/apache2/sites-enabled/000-default.conf"
+    state: "absent"
+  notify:
+    - Restart Apache
+
+- name: Enabled ceilometer vhost
+  file:
+    src: "/etc/apache2/sites-available/ceilometer-httpd.conf"
+    dest: "/etc/apache2/sites-enabled/ceilometer-httpd.conf"
+    state: "link"
+  notify:
+    - Restart Apache
+
+- name: Ensure Apache ServerName
+  lineinfile:
+    dest: "/etc/apache2/apache2.conf"
+    line: "ServerName {{ inventory_hostname }}"
+  notify:
+    - Restart Apache
+
+- name: Ensure Apache ServerTokens
+  lineinfile:
+    dest: "/etc/apache2/conf-available/security.conf"
+    regexp: '^ServerTokens'
+    line: "ServerTokens {{ ceilometer_apache_servertokens }}"
+  notify:
+    - Restart Apache
+
+- name: Ensure Apache ServerSignature
+  lineinfile:
+    dest: "/etc/apache2/conf-available/security.conf"
+    regexp: '^ServerSignature'
+    line: "ServerSignature {{ ceilometer_apache_serversignature }}"
+  notify:
+    - Restart Apache
diff --git a/tasks/ceilometer_init.yml b/tasks/ceilometer_init.yml
index 89026be9..bead3c7a 100644
--- a/tasks/ceilometer_init.yml
+++ b/tasks/ceilometer_init.yml
@@ -13,15 +13,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-- include: ceilometer_init_common.yml
-  vars:
-    program_name: "{{ ceilometer_api_program_name }}"
-    service_name: "{{ ceilometer_service_name }}"
-    system_user: "{{ ceilometer_system_user_name }}"
-    system_group: "{{ ceilometer_system_group_name }}"
-    service_home: "{{ ceilometer_system_user_home }}"
-  when: inventory_hostname in groups['ceilometer_api']
-
 - include: ceilometer_init_common.yml
   vars:
     program_name: "{{ ceilometer_agent_notification_program_name }}"
diff --git a/tasks/ceilometer_post_install.yml b/tasks/ceilometer_post_install.yml
index 6dc461f3..fe5925cb 100644
--- a/tasks/ceilometer_post_install.yml
+++ b/tasks/ceilometer_post_install.yml
@@ -65,7 +65,19 @@
       dest: "/etc/ceilometer/policy.json"
       config_overrides: "{{ ceilometer_policy_overrides }}"
       config_type: "json"
-  notify: Restart ceilometer services
+  notify:
+    - Restart ceilometer services
+    - Restart Apache
+
+- name: Drop ceilometer API WSGI Configs
+  template:
+    src: ceilometer-api-wsgi.py.j2
+    dest: /var/www/cgi-bin/ceilometer/ceilometer-api
+    owner: "{{ ceilometer_system_user_name }}"
+    group: "{{ ceilometer_system_group_name }}"
+    mode: "0755"
+  notify:
+    - Restart Apache
 
 - name: Drop rootwrap filters
   copy:
diff --git a/tasks/ceilometer_pre_install.yml b/tasks/ceilometer_pre_install.yml
index 035f3b40..1ead269f 100644
--- a/tasks/ceilometer_pre_install.yml
+++ b/tasks/ceilometer_pre_install.yml
@@ -54,6 +54,17 @@
     - { path: "{{ ceilometer_system_user_home }}/.ssh", mode: "0700" }
     - { path: "/var/cache/ceilometer", mode: "0700" }
 
+- name: Create Apache mod_wsgi dirs
+  file:
+    path: "{{ item.path }}"
+    state: directory
+    owner: "{{ item.owner|default(ceilometer_system_user_name) }}"
+    group: "{{ item.group|default(ceilometer_system_group_name) }}"
+    mode: "0755"
+  with_items:
+    - { path: "/var/www/cgi-bin", owner: root, group: root }
+    - { path: "/var/www/cgi-bin/ceilometer" }
+
 - name: Test for log directory or link
   shell: |
     if [ -h "/var/log/ceilometer"  ]; then
diff --git a/tasks/main.yml b/tasks/main.yml
index 5c8f840a..0590af43 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -61,6 +61,13 @@
   tags:
     - ceilometer-install
 
+- include: ceilometer_apache.yml
+  when:
+    - inventory_hostname in groups['ceilometer_api']
+  tags:
+    - ceilometer-install
+    - ceilometer-config
+
 - include: ceilometer_service_setup.yml
   when:
     - inventory_hostname == groups['ceilometer_api'][0]
diff --git a/templates/ceilometer-api-wsgi.py.j2 b/templates/ceilometer-api-wsgi.py.j2
new file mode 100644
index 00000000..637197c0
--- /dev/null
+++ b/templates/ceilometer-api-wsgi.py.j2
@@ -0,0 +1,22 @@
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+import os
+
+activate_this = os.path.expanduser("{{ ceilometer_bin }}/activate_this.py")
+execfile(activate_this, dict(__file__=activate_this))
+
+from ceilometer import service
+from ceilometer.api import app
+
+service.prepare_service([])
+application = app.load_app()
diff --git a/templates/ceilometer-httpd.conf.j2 b/templates/ceilometer-httpd.conf.j2
new file mode 100644
index 00000000..41c6a2f4
--- /dev/null
+++ b/templates/ceilometer-httpd.conf.j2
@@ -0,0 +1,16 @@
+# {{ ansible_managed }}
+
+<VirtualHost *:{{ ceilometer_service_port }}>
+    WSGIDaemonProcess ceilometer-api lang='en_US.UTF-8' locale='en_US.UTF-8' user={{ ceilometer_system_user_name }} group={{ ceilometer_system_group_name }} processes={{ ceilometer_wsgi_processes }} threads={{ ceilometer_wsgi_threads }} display-name=%{GROUP}
+    WSGIProcessGroup ceilometer-api
+    WSGIScriptAlias / /var/www/cgi-bin/ceilometer/ceilometer-api
+    WSGIApplicationGroup  %{GLOBAL}
+
+    <IfVersion >= 2.4>
+      ErrorLogFormat "%{cu}t %M"
+    </IfVersion>
+
+    LogLevel  {{  ceilometer_apache_log_level }}
+    ErrorLog  /var/log/ceilometer/ceilometer-apache-error.log
+    CustomLog /var/log/ceilometer/ceilometer-access.log combined
+</VirtualHost>
diff --git a/templates/ceilometer-ports.conf.j2 b/templates/ceilometer-ports.conf.j2
new file mode 100644
index 00000000..ab3af534
--- /dev/null
+++ b/templates/ceilometer-ports.conf.j2
@@ -0,0 +1,3 @@
+# {{ ansible_managed }}
+
+Listen {{ ceilometer_service_port }}
diff --git a/vars/ubuntu-14.04.yml b/vars/ubuntu-14.04.yml
index f3bc6971..ae3884d9 100644
--- a/vars/ubuntu-14.04.yml
+++ b/vars/ubuntu-14.04.yml
@@ -21,6 +21,11 @@ ceilometer_distro_packages:
   - rpcbind
   - rsync
   - git
+  - apache2
+  - apache2-utils
+  - libapache2-mod-wsgi
+  - libffi-dev
+  - libssl-dev
 
 # Packages required in developer mode, where packages are built locally
 ceilometer_developer_mode_distro_packages:
diff --git a/vars/ubuntu-16.04.yml b/vars/ubuntu-16.04.yml
index afbd126f..cc35b8ed 100644
--- a/vars/ubuntu-16.04.yml
+++ b/vars/ubuntu-16.04.yml
@@ -21,6 +21,11 @@ ceilometer_distro_packages:
   - rpcbind
   - rsync
   - git
+  - apache2
+  - apache2-utils
+  - libapache2-mod-wsgi
+  - libffi-dev
+  - libssl-dev
 
 # Packages required in developer mode, where packages are built locally
 ceilometer_developer_mode_distro_packages: