From 6ac304d752b61a5279b4f4f1155e249665801524 Mon Sep 17 00:00:00 2001
From: ricolin <rlin@vexxhost.com>
Date: Wed, 1 Nov 2023 14:23:37 +0800
Subject: [PATCH] Support uWSGI for API server

Currently Nova API server still using eventlet-based HTTP servers,
it is generally considered more performant and flexible to run them
using a generic HTTP server that supports WSGI.

Change-Id: I489557181bb8becbaf5cf7d9812a671d5cb3cc4a
---
 nova/Chart.yaml                              |  2 +-
 nova/templates/bin/_nova-api-metadata.sh.tpl |  4 +-
 nova/templates/bin/_nova-api.sh.tpl          |  3 +-
 nova/templates/configmap-etc.yaml            | 21 ++++++++
 nova/templates/deployment-api-metadata.yaml  |  4 ++
 nova/templates/deployment-api-osapi.yaml     |  4 ++
 nova/values.yaml                             | 56 +++++++++++++++-----
 releasenotes/notes/nova.yaml                 |  1 +
 8 files changed, 77 insertions(+), 18 deletions(-)

diff --git a/nova/Chart.yaml b/nova/Chart.yaml
index ee480d3695..d502b39906 100644
--- a/nova/Chart.yaml
+++ b/nova/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Nova
 name: nova
-version: 0.3.37
+version: 0.3.38
 home: https://docs.openstack.org/nova/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Nova/OpenStack_Project_Nova_vertical.png
 sources:
diff --git a/nova/templates/bin/_nova-api-metadata.sh.tpl b/nova/templates/bin/_nova-api-metadata.sh.tpl
index 18195f26d0..e7602e8af5 100644
--- a/nova/templates/bin/_nova-api-metadata.sh.tpl
+++ b/nova/templates/bin/_nova-api-metadata.sh.tpl
@@ -48,9 +48,7 @@ function start () {
   # Starts Apache2
   exec {{ .Values.conf.software.apache2.binary }} {{ .Values.conf.software.apache2.start_parameters }}
 {{- else }}
-  exec nova-api-metadata \
-        --config-file /etc/nova/nova.conf \
-        --config-file /tmp/pod-shared/nova-api-metadata.ini
+  exec uwsgi --ini /etc/nova/nova-metadata-uwsgi.ini
 {{- end }}
 }
 
diff --git a/nova/templates/bin/_nova-api.sh.tpl b/nova/templates/bin/_nova-api.sh.tpl
index c62de9a6e2..108438652d 100644
--- a/nova/templates/bin/_nova-api.sh.tpl
+++ b/nova/templates/bin/_nova-api.sh.tpl
@@ -49,8 +49,7 @@ function start () {
   # Starts Apache2
   exec {{ .Values.conf.software.apache2.binary }} {{ .Values.conf.software.apache2.start_parameters }}
 {{- else }}
-  exec nova-api-os-compute \
-        --config-file /etc/nova/nova.conf
+  exec uwsgi --ini /etc/nova/nova-api-uwsgi.ini
 {{- end }}
 }
 
diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml
index bca6650bd5..6f00a1ce2a 100644
--- a/nova/templates/configmap-etc.yaml
+++ b/nova/templates/configmap-etc.yaml
@@ -258,6 +258,7 @@ limitations under the License.
 {{- if empty .Values.conf.nova.cinder.auth_url -}}
 {{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.cinder "auth_url" -}}
 {{- end -}}
+
 {{- if empty .Values.conf.nova.cinder.os_region_name -}}
 {{- $_ := set .Values.conf.nova.cinder "os_region_name" .Values.endpoints.identity.auth.cinder.region_name -}}
 {{- end -}}
@@ -284,6 +285,24 @@ limitations under the License.
 {{- $_ := tuple "compute" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.nova.DEFAULT "osapi_compute_listen_port" -}}
 {{- end -}}
 
+{{- if empty .Values.conf.nova_api_uwsgi.uwsgi.processes -}}
+{{- $_ := set .Values.conf.nova_api_uwsgi.uwsgi "processes" .Values.conf.nova.DEFAULT.osapi_compute_workers -}}
+{{- end -}}
+{{- if empty (index .Values.conf.nova_api_uwsgi.uwsgi "http-socket") -}}
+{{- $http_socket_port := tuple "compute" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | toString }}
+{{- $http_socket := printf "0.0.0.0:%s" $http_socket_port }}
+{{- $_ := set .Values.conf.nova_api_uwsgi.uwsgi "http-socket" $http_socket -}}
+{{- end -}}
+
+{{- if empty .Values.conf.nova_metadata_uwsgi.uwsgi.processes -}}
+{{- $_ := set .Values.conf.nova_metadata_uwsgi.uwsgi "processes" .Values.conf.nova.DEFAULT.metadata_workers -}}
+{{- end -}}
+{{- if empty (index .Values.conf.nova_metadata_uwsgi.uwsgi "http-socket") -}}
+{{- $http_socket_port := .Values.network.metadata.port | toString }}
+{{- $http_socket := printf "0.0.0.0:%s" $http_socket_port }}
+{{- $_ := set .Values.conf.nova_metadata_uwsgi.uwsgi "http-socket" $http_socket -}}
+{{- end -}}
+
 {{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
 {{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
 {{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
@@ -323,6 +342,8 @@ data:
   logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
   api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }}
   nova-ironic.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_ironic | b64enc }}
+  nova-api-uwsgi.ini: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_api_uwsgi | b64enc }}
+  nova-metadata-uwsgi.ini: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_metadata_uwsgi | b64enc }}
 {{- if .Values.manifests.certificates }}
 {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.mpm_event "key" "mpm_event.conf" "format" "Secret" ) | indent 2 }}
 {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_nova_api "key" "wsgi-api.conf" "format" "Secret" ) | indent 2 }}
diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml
index e7039f56c3..2f0463e916 100644
--- a/nova/templates/deployment-api-metadata.yaml
+++ b/nova/templates/deployment-api-metadata.yaml
@@ -120,6 +120,10 @@ spec:
               mountPath: /tmp/nova-api-metadata.sh
               subPath: nova-api-metadata.sh
               readOnly: true
+            - name: nova-etc
+              mountPath: /etc/nova/nova-metadata-uwsgi.ini
+              subPath: nova-metadata-uwsgi.ini
+              readOnly: true
             - name: nova-bin
               mountPath: /sbin/iptables
               subPath: fake-iptables.sh
diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml
index 4cb6744e0f..88bbf41997 100644
--- a/nova/templates/deployment-api-osapi.yaml
+++ b/nova/templates/deployment-api-osapi.yaml
@@ -108,6 +108,10 @@ spec:
               mountPath: /etc/nova/nova.conf
               subPath: nova.conf
               readOnly: true
+            - name: nova-etc
+              mountPath: /etc/nova/nova-api-uwsgi.ini
+              subPath: nova-api-uwsgi.ini
+              readOnly: true
             {{- if .Values.conf.nova.DEFAULT.log_config_append }}
             - name: nova-etc
               mountPath: {{ .Values.conf.nova.DEFAULT.log_config_append }}
diff --git a/nova/values.yaml b/nova/values.yaml
index f5ac9fa465..f3ce2e6031 100644
--- a/nova/values.yaml
+++ b/nova/values.yaml
@@ -1564,6 +1564,38 @@ conf:
     before:
       enabled: false
       date: 'nil'
+  nova_api_uwsgi:
+    uwsgi:
+      add-header: "Connection: close"
+      buffer-size: 65535
+      die-on-term: true
+      enable-threads: true
+      exit-on-reload: false
+      hook-master-start: unix_signal:15 gracefully_kill_them_all
+      lazy-apps: true
+      log-x-forwarded-for: true
+      master: true
+      procname-prefix-spaced: "nova-api:"
+      route-user-agent: '^kube-probe.* donotlog:'
+      thunder-lock: true
+      worker-reload-mercy: 80
+      wsgi-file: /var/lib/openstack/bin/nova-api-wsgi
+  nova_metadata_uwsgi:
+    uwsgi:
+      add-header: "Connection: close"
+      buffer-size: 65535
+      die-on-term: true
+      enable-threads: true
+      exit-on-reload: false
+      hook-master-start: unix_signal:15 gracefully_kill_them_all
+      lazy-apps: true
+      log-x-forwarded-for: true
+      master: true
+      procname-prefix-spaced: "nova-metadata:"
+      route-user-agent: '^kube-probe.* donotlog:'
+      thunder-lock: true
+      worker-reload-mercy: 80
+      wsgi-file: /var/lib/openstack/bin/nova-metadata-wsgi
 
 # Names of secrets used by bootstrap and environmental checks
 secrets:
@@ -2028,29 +2060,29 @@ pod:
         liveness:
           enabled: True
           params:
-            initialDelaySeconds: 30
-            periodSeconds: 60
-            timeoutSeconds: 15
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            timeoutSeconds: 5
         readiness:
           enabled: True
           params:
-            initialDelaySeconds: 30
-            periodSeconds: 60
-            timeoutSeconds: 15
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            timeoutSeconds: 5
     api-osapi:
       default:
         liveness:
           enabled: True
           params:
-            initialDelaySeconds: 30
-            periodSeconds: 60
-            timeoutSeconds: 15
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            timeoutSeconds: 5
         readiness:
           enabled: True
           params:
-            initialDelaySeconds: 30
-            periodSeconds: 60
-            timeoutSeconds: 15
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            timeoutSeconds: 5
     conductor:
       default:
         liveness:
diff --git a/releasenotes/notes/nova.yaml b/releasenotes/notes/nova.yaml
index a4d146691b..fb587ca848 100644
--- a/releasenotes/notes/nova.yaml
+++ b/releasenotes/notes/nova.yaml
@@ -106,4 +106,5 @@ nova:
   - 0.3.35 Use directory mount for vencrypt certificates
   - 0.3.36 Update Ceph images to Jammy and Reef 18.2.1
   - 0.3.37 Use metadata_listen_port instead of metadata_port
+  - 0.3.38 Using uWSGI
 ...