Commit 49e2a2ae authored by Rafael Monnerat's avatar Rafael Monnerat

apache-frontend: Delay reload apache configuration

  Wait for 60 to reload apache configuration in order to accumulate
  several logrotate runs.

  If the amount of slaves are too high, the number of logs are high,
  so the entries on logrotate are also high. So it is enough to DDoS
  with a huge amount of 'kill -1', so delay is the only way to avoid
  to re-implement logrotate existing features.

  Only reload the apache configuration if the the apache configuration
  or the certificates contains a change, else don't reload it.

  Keep a command on bin folder to force reload of configuration in
  case it is required.
parent 4101882c
......@@ -19,7 +19,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e
[template-apache-frontend]
filename = instance-apache-frontend.cfg
md5sum = e2f60121bc1116319b4d20b4c4badc1c
md5sum = 86f9ace5eb5ac28dbc173e1803952f03
[template-apache-replicate]
filename = instance-apache-replicate.cfg.in
......@@ -27,7 +27,7 @@ md5sum = 9b17c835bcd927269cf510bf612f5985
[template-slave-list]
filename = templates/apache-custom-slave-list.cfg.in
md5sum = 5d9ac851493534c90397d453497c21b4
md5sum = 4010f7366262d00c33f9e7f53f63d42e
[template-slave-configuration]
filename = templates/custom-virtualhost.conf.in
......@@ -43,7 +43,7 @@ md5sum = 070658d10546b5a69fe291e0da876e62
[template-custom-slave-list]
filename = templates/apache-custom-slave-list.cfg.in
md5sum = 5d9ac851493534c90397d453497c21b4
md5sum = 4010f7366262d00c33f9e7f53f63d42e
[template-not-found-html]
filename = templates/notfound.html
......@@ -92,3 +92,11 @@ md5sum = a5186f666acb2f040ede04c91e60408f
[template-nginx-notebook-slave-virtualhost]
filename = templates/nginx-notebook-slave.conf.in
md5sum = 82d74a7f2aceb2b4a7acc6259291b7f2
[template-apache-lazy-script-call]
filename = templates/apache-lazy-script-call.sh.in
md5sum = ebe5d3d19923eb812a40019cb11276d8
[template-apache-graceful-script]
filename = templates/apache-graceful-script.sh.in
md5sum = 41299cc64200e7b8217fb9dec20bb8b9
......@@ -141,6 +141,14 @@ url = ${:_profile_base_location_}/templates/nginx.cfg.in
output = ${buildout:directory}/template-nginx.cfg.in
mode = 0644
[template-apache-lazy-script-call]
<=download-template
filename = apache-lazy-script-call.sh.in
[template-apache-graceful-script]
<=download-template
filename = apache-graceful-script.sh.in
[template-nginx-eventsource-slave-virtualhost]
<=download-template
filename = nginx-eventsource-slave.conf.in
......
......@@ -172,8 +172,6 @@ extra-context =
key nginx_configuration_directory apache-directory:nginx-slave-configuration
key apache_cached_configuration_directory apache-directory:slave-with-cache-configuration
key slave_with_cache_configuration_directory apache-directory:slave-with-cache-configuration
key cached_port apache-configuration:cache-through-port
key ssl_cached_port apache-configuration:ssl-cache-through-port
key http_port instance-parameter:configuration.plain_http_port
key https_port instance-parameter:configuration.port
key nginx_http_port instance-parameter:configuration.plain_nginx_port
......@@ -185,7 +183,6 @@ extra-context =
key apache_log_directory apache-directory:slave-log
key local_ipv4 instance-parameter:ipv4-random
key global_ipv6 slap-network-information:global-ipv6
key cache_port apache-configuration:cache-port
key varnginx directory:varnginx
key empty_template software-release-path:template-empty
key template_custom_slave_configuration software-release-path:template-slave-configuration
......@@ -194,6 +191,7 @@ extra-context =
key template_eventsource_slave_configuration software-release-path:template-nginx-eventsource-slave-virtualhost
key template_notebook_slave_configuration software-release-path:template-nginx-notebook-slave-virtualhost
raw software_type single-custom-personal
key frontend_lazy_graceful_reload frontend-apache-lazy-graceful:rendered
section logrotate_dict logrotate
section frontend_configuration frontend-configuration
section apache_configuration apache-configuration
......@@ -372,7 +370,7 @@ name = apache
log = $${apache-configuration:error-log} $${apache-configuration:access-log}
frequency = daily
rotatep-num = 30
post = $${apache-configuration:frontend-graceful-command}
post = $${frontend-apache-lazy-graceful:rendered} &
sharedscripts = true
notifempty = true
create = true
......@@ -500,14 +498,35 @@ mode = 700
### End of ATS sections
### Apaches Graceful and promises
[frontend-apache-graceful]
[frontend-apache-graceful-bin]
< = jinja2-template-base
template = ${template-wrapper:output}
rendered = $${directory:etc-run}/frontend-apache-safe-graceful
rendered = $${directory:bin}/frontend-apache-safe-graceful
mode = 0700
extra-context =
key content apache-configuration:frontend-graceful-command
[frontend-apache-graceful]
< = jinja2-template-base
template = ${template-apache-graceful-script:target}
rendered = $${directory:etc-run}/frontend-apache-safe-graceful
mode = 0700
extra-context =
key directory_run directory:run
key directory_etc directory:etc
key apache_graceful_reload_command apache-configuration:frontend-graceful-command
[frontend-apache-lazy-graceful]
< = jinja2-template-base
template = ${template-apache-lazy-script-call:target}
rendered = $${directory:bin}/frontend-apache-lazy-graceful
mode = 0700
pid-file = $${directory:run}/lazy-graceful.pid
extra-context =
key pid_file :pid-file
raw wait_time 60
key lazy_command apache-configuration:frontend-graceful-command
# Promises checking configuration:
[promise-frontend-apache-configuration]
< = jinja2-template-base
......
......@@ -2,6 +2,9 @@
{% set cached_server_dict = {} -%}
{% set part_list = [] -%}
{% set cache_port = apache_configuration.get('cache-port') %}
{% set cached_port = apache_configuration.get('cache-through-port') %}
{% set ssl_cached_port = apache_configuration.get('ssl-cache-through-port') %}
{% set cache_access = "http://%s:%s" % (local_ipv4, cache_port) -%}
{% set ssl_cache_access = "http://%s:%s/HTTPS" % (local_ipv4, cache_port) -%}
{% set TRUE_VALUES = ['y', 'yes', '1', 'true'] -%}
......@@ -27,7 +30,7 @@ context =
{{ key }} = {{ value }}
{% endfor %}
post = {{ apache_configuration.get('frontend-graceful-command') }}
post = {{ frontend_lazy_graceful_reload }} &
frequency = daily
rotatep-num = 30
sharedscripts = true
......
#!/bin/sh
RUN_DIR={{ directory_run }}
ETC_DIR={{ directory_etc }}
APACHE_SIGNATURE_FILE=$RUN_DIR/apache_configuration.signature
NAPACHE_SIGNATURE_FILE=$RUN_DIR/napache_configuration.signature
touch $APACHE_SIGNATURE_FILE
sha256sum $ETC_DIR/apache*.conf $ETC_DIR/apache-*.d/*.conf $ETC_DIR/apache-*.d/ssl/*.*key $ETC_DIR/apache-*.d/ssl/*.*crt* | sort -k 66 > $NAPACHE_SIGNATURE_FILE
# If no diff, no restart for now
if diff "$APACHE_SIGNATURE_FILE" "$NAPACHE_SIGNATURE_FILE"; then
echo "Nothing Changed, so nothing to reload"
exit 0
fi
echo "Reloading apache.."
{{ apache_graceful_reload_command }}
mv "$NAPACHE_SIGNATURE_FILE" "$APACHE_SIGNATURE_FILE"
#!/bin/bash
PID=$$
PIDFILE={{ pid_file }}
sleep $((RANDOM % 10))
if [ ! -f $PIDFILE ]; then
echo $PID > $PIDFILE
sleep {{ wait_time }}
{{ lazy_command }}
else
ps --pid `cat $PIDFILE` &>/dev/null
if [ $? -eq 0 ]; then
echo "Skipped"
else
echo $PID > $PIDFILE
sleep {{ wait_time }}
{{ lazy_command }}
fi
fi
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment