Skip to content

Migrate Designate Operator to uwsgi #334

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
omersch381 wants to merge 1 commit into
base: main
Choose a base branch
from
+32 −7
Draft

Migrate Designate Operator to uwsgi #334

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions templates/designateapi/bin/init.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,3 +39,6 @@ done
# NOTE:dkehn - REMOVED because Kolla_set & start copy eveyrthing.
# I'm doing this to get the designate.conf w/all the tags with values.
cp -a ${SVC_CFG_MERGED} ${SVC_CFG}

echo "Starting Apache"
/usr/sbin/httpd -DFOREGROUND &
Copy link
Collaborator

@beagles beagles Jun 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The init container is not the appropriate place to run this. What your probably want to do is add another kolla for starting the httpd server and it to the pod template spec for the deployment. For an example, Octavia runs multiple containers (httpd and the provider agent) in the octaviaapi deployment.

Copy link
Contributor

@fmount fmount Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree w/ @beagles. We have a pattern spread across the operators where we rely on side containers for this particular deployment model. It allows to replace the httpd part with something else, and control it based on some variables or annotations.
Glance is probably a great example, because based on the wsgi annotation can switch from ProxyPass to wsgi [1].
In addition, openstack-operator defines a set of ServiceDefaults that can be used to setup the annotation accordingly [2].

I encourage to look at the pattern defined in [1] [2] and keep httpd as the basic building block, and provide options to switch to a different mechanism as an opt-in decision.

[1] https://github.com/openstack-k8s-operators/glance-operator/pulls?q=is%3Apr+is%3Aclosed+wsgi
[2] openstack-k8s-operators/openstack-operator#1439

8 changes: 7 additions & 1 deletion templates/designateapi/config/designate-api-config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"command": "/usr/sbin/httpd -DFOREGROUND",
"command": "/usr/bin/uwsgi --ini /etc/designate/designate-api-uwsgi.ini",
"config_files": [
{
"source": "/var/lib/config-data/merged/designate.conf",
Expand Down Expand Up @@ -31,6 +31,12 @@
"owner": "root",
"perm": "0644"
},
{
"source": "/var/lib/config-data/merged/designate-api-uwsgi.ini",
"dest": "/etc/designate/designate-api-uwsgi.ini",
"owner": "designate",
"perm": "0600"
},
{
"source": "/var/lib/config-data/tls/certs/*",
"dest": "/etc/pki/tls/certs/",
Expand Down
19 changes: 19 additions & 0 deletions templates/designateapi/config/designate-api-uwsgi.ini
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# copied from our u/s jobs, we probably need to change some config options here
[uwsgi]
http-socket = 127.0.0.1:60053
chmod-socket = 666
socket = /var/run/uwsgi/designate-api-wsgi.socket
start-time = %t
lazy-apps = true
add-header = Connection: close
buffer-size = 65535
hook-master-start = unix_signal:15 gracefully_kill_them_all
thunder-lock = true
plugins = http,python3
enable-threads = true
worker-reload-mercy = 80
exit-on-reload = false
die-on-term = true
master = true
processes = 2
module = designate.wsgi.api:application
9 changes: 3 additions & 6 deletions templates/designateapi/config/httpd.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,11 +46,8 @@ TimeOut {{ $.TimeOut }}
SSLCertificateKeyFile "{{ $vhost.SSLCertificateKeyFile }}"
{{- end }}

## WSGI configuration
WSGIProcessGroup {{ $endpt }}
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess {{ $endpt }} processes=5 threads=1 user=designate group=designate display-name={{ $endpt }}
WSGIScriptAlias / "/usr/bin/designate-api-wsgi"
# ProxyPass configuration for uwsgi
ProxyPass "/dns" "http://127.0.0.1:60053" retry=0
Copy link

@johnsom johnsom Jun 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would recommend adding "acquire=1" here.


</VirtualHost>
{{ end }}