Ubuntu下在Apache中運行Keystone

　　最近一次從Github上更新Keystone的代碼後,發現原來bin/keystone-all和bin/keystone-manage都不見了,取而代之的是keystone/cmd/目錄下的all.py和manage.py兩個python腳本.雖然在測試的virtualenv環境下仍然能夠執行原來的命令,可是想試着在Apache中運行Keystone,畢竟這已是社區力推的啓動方式了.

　　個人系統是Ubuntu,安裝了sysv-rc-conf來管理開機時啓動的服務,包括Apache2, MySQL, RabbitMQ等:

# apt-get install -y sysv-rc-conf

 

　　要管理系統啓動時加載的服務時只要輸入 # sysv-rc-conf便可, 移動光標到對應運行級的括號內按空格就能夠選擇或者反選.

　　想要Apache加載Python服務器腳本,須要爲Apache添加mod_wsgi模塊,我比較喜歡簡潔的方式,沒有本身一步步配置,直接將其安裝到Apache2中:

# apt-get install libapache2-mod-wsgi

　　

　　接下來要告訴Apache每次啓動的時候加載Keystone,先將Keystone源碼repo中httpd/wsgi-keystone.conf複製到/etc/apache2/conf-available/

# cp /home/openstack/keystone/httpd/wsgi-keystone.conf /etc/apache2/conf-available

　　這裏/home/openstack/keystone是我克隆Keystone源碼的位置,須要根據實際狀況改動. Ubuntu上Apache2的配置目錄爲/etc/apache2/,CentOS等系統上爲/etc/httpd/,須要根據狀況改動.
　　

　　接着在/etc/apache2/conf-enabled/目錄中建立一個指向/etc/apache2/conf-available/wsgi-keystone.conf的同名軟連接:

# cd /etc/apache2/conf-enabled/
# ln -s /etc/apache2/conf-available/wsgi-keystone.conf wsgi-keystone.conf

 　　

　　而後根據須要修改/etc/apache2/conf-available/wsgi-keystone.conf文件

Listen 5000
Listen 35357

<VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /var/www/cgi-bin/keystone/main
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    <IfVersion >= 2.4>
      ErrorLogFormat "%{cu}t %M"
    </IfVersion>
    ErrorLog /var/log/apache2/keystone.log
    CustomLog /var/log/apache2/keystone_access.log combined
</VirtualHost>

<VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    <IfVersion >= 2.4>
      ErrorLogFormat "%{cu}t %M"
    </IfVersion>
    ErrorLog /var/log/apache2/keystone.log
    CustomLog /var/log/apache2/keystone_access.log combined
</VirtualHost>

　　在WSGIDaemonProcess中設置啓動Keystone服務器的進程數,線程數,啓動服務器的用戶等, 這些值須要根據具體的環境進行修改;\

　　在WSGIScriptAlias處設置啓動腳本的位置, 若是指定/var/www/cgi-bin/keystone/main,那麼這個文件(連接)必須存在;

　　在ErrorLog 處設置Keystone錯誤日誌的路徑,這個日誌是由HTTPD根據Keystone的運行結果維護的,Ubuntu和紅帽系的OS在Apache2的目 錄名稱上可能不一樣,好比Ubuntu中Apache2的日誌維護在/var/log/apache2/, 而CentOS等系統中Apache2的日誌維護在/var/log/httpd/;

　　在CustomLog處設置Keystone訪問日誌的路徑,注意事項同ErrorLog.

　　

　　conf文件配置完成後,建立目錄/var/www/cgi-bin/keystone/, 爲其中添加兩個軟連接main和admin,他們都指向keystone/httpd/keystone.py

# mkdir /var/www/cgi-bin/keystone; cd /var/www/cgi-bin/keystone
# ln -s /home/openstack/keystone/httpd/keystone.py main
# ln -s /home/openstack/keystone/httpd/keystone.py admin

　　

　　而後重啓Apache2服務便可,若是但願開機時Keystone就加載運行,使用sysv-rc-conf將Apache2設置爲開機啓動便可.

　　查看Keystone服務器進程,發現如今它已經在HTTPD中運行了,注意若是keystone.conf文件中也配置了日誌文件log_file, 那麼Keystone的錯誤日誌將會輸出兩份,一份由HTTPD維護,一份由Keystone維護,可是兩者的內容是同樣的.

# ps aux | grep keystone
darren    2582  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-pu -k start
darren    2583  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-pu -k start
darren    2584  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-pu -k start
darren    2585  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-pu -k start
darren    2586  0.0  0.1 176316  5692 ?        Sl   12:29   0:00 (wsgi:keystone-pu -k start
darren    2587  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-ad -k start
darren    2588  0.0  0.1 176316  5692 ?        Sl   12:29   0:00 (wsgi:keystone-ad -k start
darren    2589  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-ad -k start
darren    2590  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-ad -k start
darren    2591  0.0  0.1 176308  5692 ?        Sl   12:29   0:00 (wsgi:keystone-ad -k start