2e341f5613
Currently, /var/log/horizon/horizon.log and
/var/log/horizon/gunicorn.log have permission 644. To comply
with the CIS benchmark requirements, the permissions should
be set to 640.
This change updates the permissions of /var/log/horizon/horizon.log
and /var/log/horizon/gunicorn.log to 640.
Test Plan:
PASS: Build ISO and deploy AIO-SX.
PASS: Verify that permission of /var/log/horizon/horizon.log
and /var/log/horizon/gunicorn.log files are set to 640.
PASS: AIO-SX: Login to horizon GUI and perform a lock
operation on contoller-0. The lock operation should be
logged in /var/log/horizon/horizon.log and
/var/log/horizon.log. Log file
/var/log/horizon/gunicorn.log should contain Info
messages like "Starting gunicorn".
Story: 2011241
Task: 51366
Change-Id: I5aaae6c480ca25097880a7fa5548e162e5ef1ff8
Signed-off-by: Jagatguru Prasad Mishra <jagatguruprasad.mishra@windriver.com>
165 lines
4.5 KiB
Bash
Executable File
165 lines
4.5 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
### BEGIN INIT INFO
|
|
# Provides: OpenStack Dashboard
|
|
# Required-Start: networking
|
|
# Required-Stop: networking
|
|
# Default-Start: 2 3 4 5
|
|
# Default-Stop: 0 1 6
|
|
# Short-Description: OpenStack Dashboard
|
|
# Description: Web based user interface to OpenStack services including
|
|
# Nova, Swift, Keystone, etc.
|
|
### END INIT INFO
|
|
|
|
RETVAL=0
|
|
DESC="openstack-dashboard"
|
|
PIDFILE="/var/run/$DESC.pid"
|
|
PYTHON=`which python`
|
|
# Centos packages openstack_dashboard under /usr/share
|
|
#MANAGE="@PYTHON_SITEPACKAGES@/openstack_dashboard/manage.py"
|
|
MANAGE="/usr/share/openstack-dashboard/manage.py"
|
|
EXEC="/usr/bin/gunicorn"
|
|
BIND="localhost"
|
|
PORT="8008"
|
|
WORKER="eventlet"
|
|
WORKERS=`grep workers /etc/openstack-dashboard/horizon-config.ini | cut -f3 -d' '`
|
|
# Increased timeout to facilitate large image uploads
|
|
TIMEOUT="200"
|
|
STATICDIR="/var/www/pages/static"
|
|
BRANDDIR="/opt/branding"
|
|
APPLIEDDIR="/opt/branding/applied"
|
|
TMPUPLOADDIR="/scratch/horizon"
|
|
|
|
source /usr/bin/tsconfig
|
|
|
|
start()
|
|
{
|
|
# Change workers if combined controller/compute
|
|
. /etc/platform/platform.conf
|
|
if [ "${WORKERS}" -lt "2" ]; then
|
|
WORKERS=2
|
|
fi
|
|
|
|
if [ -e $PIDFILE ]; then
|
|
PIDDIR=/proc/$(cat $PIDFILE)
|
|
if [ -d ${PIDDIR} ]; then
|
|
echo "$DESC already running."
|
|
return
|
|
else
|
|
echo "Removing stale PID file $PIDFILE"
|
|
rm -f $PIDFILE
|
|
fi
|
|
fi
|
|
|
|
# Clean up any possible orphaned worker threads
|
|
if lsof -t -i:${PORT} 1> /dev/null 2>&1; then
|
|
kill $(lsof -t -i:${PORT}) > /dev/null 2>&1
|
|
fi
|
|
|
|
rm -rf ${TMPUPLOADDIR}
|
|
mkdir -p ${TMPUPLOADDIR}
|
|
|
|
# extract branding file before server starts
|
|
/usr/bin/horizon-assets-compress
|
|
|
|
echo -n "Starting $DESC..."
|
|
|
|
start-stop-daemon --start --quiet --background --pidfile ${PIDFILE} \
|
|
--make-pidfile --exec ${PYTHON} -- ${EXEC} --preload --bind ${BIND}:${PORT} \
|
|
--worker-class ${WORKER} --workers ${WORKERS} --timeout ${TIMEOUT} \
|
|
--log-syslog \
|
|
--config '/usr/share/openstack-dashboard/guni_config.py' \
|
|
--pythonpath '/usr/share/openstack-dashboard' \
|
|
openstack_dashboard.wsgi
|
|
RETVAL=$?
|
|
if [ $RETVAL -eq 0 ]; then
|
|
echo "done."
|
|
else
|
|
echo "failed."
|
|
fi
|
|
|
|
# now copy customer branding file to CONFIG_PATH/branding if anything updated
|
|
sm-query service drbd-platform | grep enabled-active > /dev/null 2>&1
|
|
IS_ACTIVE=$?
|
|
|
|
if ls ${BRANDDIR}/*.tgz 1> /dev/null 2>&1; then
|
|
LATESTBRANDING=$(ls $BRANDDIR |grep '\.tgz$' | tail -n 1)
|
|
if [ $IS_ACTIVE -eq 0 ]; then
|
|
# Only do the copy if the tarball has changed
|
|
if ! cmp --silent ${BRANDDIR}/${LATESTBRANDING} ${CONFIG_PATH}/branding/${LATESTBRANDING} ; then
|
|
mkdir -p ${CONFIG_PATH}/branding
|
|
rm -rf ${CONFIG_PATH}/branding/*.tgz
|
|
cp -r ${BRANDDIR}/${LATESTBRANDING} ${CONFIG_PATH}/branding
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
# As part of starting horizon we should kill containerized horizon so that it
|
|
# will pickup branding changes
|
|
kubectl --kubeconfig=/etc/kubernetes/admin.conf delete pods -n openstack -l application=horizon 1>/dev/null
|
|
#restrict log file permissions
|
|
chmod 640 /var/log/horizon/horizon.log
|
|
chmod 640 /var/log/horizon/gunicorn.log
|
|
}
|
|
|
|
stop()
|
|
{
|
|
if [ ! -e $PIDFILE ]; then return; fi
|
|
|
|
echo -n "Stopping $DESC..."
|
|
|
|
start-stop-daemon --stop --quiet --pidfile $PIDFILE
|
|
RETVAL=$?
|
|
if [ $RETVAL -eq 0 ]; then
|
|
echo "done."
|
|
else
|
|
echo "failed."
|
|
fi
|
|
rm -rf ${TMPUPLOADDIR}
|
|
rm -f $PIDFILE
|
|
}
|
|
|
|
status()
|
|
{
|
|
pid=`cat $PIDFILE 2>/dev/null`
|
|
if [ -n "$pid" ]; then
|
|
if ps -p $pid &> /dev/null ; then
|
|
echo "$DESC is running"
|
|
RETVAL=0
|
|
return
|
|
else
|
|
RETVAL=1
|
|
fi
|
|
fi
|
|
echo "$DESC is not running"
|
|
RETVAL=3
|
|
}
|
|
|
|
start=$(date +%s%N)
|
|
echo "$(date '+%Y-%m-%dT%H:%M:%S:%3N'): action:${1}:start-at:${start: 0:-6} ms" >> /var/log/horizon_sm.log
|
|
case "$1" in
|
|
start)
|
|
start
|
|
;;
|
|
stop)
|
|
stop
|
|
;;
|
|
restart|force-reload|reload)
|
|
stop
|
|
start
|
|
;;
|
|
status)
|
|
status
|
|
;;
|
|
*)
|
|
echo "Usage: $0 {start|stop|force-reload|restart|reload|status}"
|
|
RETVAL=1
|
|
;;
|
|
esac
|
|
end=$(date +%s%N)
|
|
echo "$(date '+%Y-%m-%dT%H:%M:%S:%3N'): action:${1}:end-at:${end: 0:-6} ms" >> /var/log/horizon_sm.log
|
|
diff=$((end-start))
|
|
echo "$(date '+%Y-%m-%dT%H:%M:%S:%3N'): action:${1}:took:${diff: 0:-6} ms" >> /var/log/horizon_sm.log
|
|
|
|
exit $RETVAL
|