Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stop injecting python code in the configuration #52

Merged
merged 1 commit into from
Jan 30, 2025
+4 −106
Merged

Stop injecting python code in the configuration #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions templates/watcher/config/10-watcher-wsgi-main.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Although it's unrelated with removing the main file from here. There are another couple of issues related to httpd config:

  • I've realized we are not getting the apache access and error logs from the pods. I think we should set errorlog, customlog, etc... to stdout so that openshift shows it in oc logs -c watcher-api . See:

https://github.com/openstack-k8s-operators/nova-operator/blob/main/templates/novaapi/config/httpd.conf#L25-L30

and

https://github.com/openstack-k8s-operators/nova-operator/blob/main/templates/novaapi/config/httpd.conf#L53-L59

We can fix it in follow-up if you prefer.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks that's a good point about the logs, I have another PR prepared after this one with more fixes for the config files, I can add it to that one. Simlarly, I have the ssl file added in a different patch where I' working to add more TLS support.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good callout on the logging ya we should do that but i agree that can be in a separate pr.

## WSGI configuration
WSGIApplicationGroup %{GLOBAL}
WSGIDaemonProcess {{ $endpt }} display-name={{ $endpt }} group=watcher processes=8 threads=1 user=watcher
WSGIDaemonProcess {{ $endpt }} display-name={{ $endpt }} group=watcher processes=2 threads=1 user=watcher
WSGIProcessGroup {{ $endpt }}
WSGIScriptAlias / "/var/www/cgi-bin/watcher/main"
WSGIScriptAlias / "/usr/bin/watcher-api-wsgi"
</VirtualHost>
{{ end }}
{{ end }}
2 changes: 2 additions & 0 deletions templates/watcher/config/httpd.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ User apache
Group apache
Listen {{ .APIPublicPort }}


AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
Expand All @@ -32,6 +33,7 @@ AccessFileName .htaccess
LogLevel debug
EnableSendfile On

TypesConfig /etc/mime.types
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so previously we were getting mime.conf becuase of the Include on the next line 37...
but you now removed that, so we need to configure this TypesConfig here explicitly ?
(for my own understanding)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

exactly, that's what other operators do, e.g nova https://github.com/openstack-k8s-operators/nova-operator/blob/0933c978bad435a91ec3fff1121f762a93e9bba9/templates/novaapi/config/httpd.conf#L13 or keystone https://github.com/openstack-k8s-operators/keystone-operator/blob/ced167413cf979dfdbaec16468115894af26384c/templates/keystoneapi/config/httpd.conf#L13

Include "/etc/httpd/conf.modules.d/*.conf"

LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
Expand Down
52 changes: 0 additions & 52 deletions templates/watcher/config/main
View file
Open in desktop

This file was deleted.

38 changes: 0 additions & 38 deletions templates/watcher/config/mime.conf
View file
Open in desktop

This file was deleted.

14 changes: 0 additions & 14 deletions templates/watcher/config/watcher-api-config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,20 +34,6 @@
"owner": "root",
"perm": "0640",
"optional": true
},
{
"source": "/var/lib/config-data/default/main",
"dest": "/var/www/cgi-bin/watcher/main",
"owner": "watcher",
"perm": "0640",
"optional": true
},
{
"source": "/var/lib/config-data/default/mime.conf",
"dest": "/etc/httpd/conf.modules.d/mime.conf",
"owner": "root",
"perm": "0640",
"optional": true
}
],
"permissions": [
Expand Down