You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by mr...@apache.org on 2017/06/26 18:42:56 UTC
[incubator-openwhisk-deploy-kube] branch master updated: Update
release to use new HA Controller Properties (#29)
This is an automated email from the ASF dual-hosted git repository.
mrutkowski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git
The following commit(s) were added to refs/heads/master by this push:
new d58cd98 Update release to use new HA Controller Properties (#29)
d58cd98 is described below
commit d58cd988581ce227edfc0606e8363bed1c9935e6
Author: Dan Lavine <dl...@us.ibm.com>
AuthorDate: Mon Jun 26 13:42:55 2017 -0500
Update release to use new HA Controller Properties (#29)
* Update nginx config
* Update controller start command to give index
---
.../environments/kube/files/controller.yml | 2 +-
ansible-kube/roles/nginx/templates/nginx.conf.j2 | 18 +++++++++++---
ansible-kube/templates/whisk.properties.j2 | 29 +++++++++++++++-------
3 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/ansible-kube/environments/kube/files/controller.yml b/ansible-kube/environments/kube/files/controller.yml
index 4b27d74..53493c2 100644
--- a/ansible-kube/environments/kube/files/controller.yml
+++ b/ansible-kube/environments/kube/files/controller.yml
@@ -19,7 +19,7 @@ spec:
- name: controller
imagePullPolicy: Always
image: openwhisk/controller
- command: ["/bin/bash", "-c", "/controller/bin/controller"]
+ command: ["/bin/bash", "-c", "/controller/bin/controller 0"]
ports:
- name: controller
containerPort: 8080
diff --git a/ansible-kube/roles/nginx/templates/nginx.conf.j2 b/ansible-kube/roles/nginx/templates/nginx.conf.j2
index ddd1fc1..059617f 100644
--- a/ansible-kube/roles/nginx/templates/nginx.conf.j2
+++ b/ansible-kube/roles/nginx/templates/nginx.conf.j2
@@ -16,6 +16,15 @@ http {
'$http_referer $http_user_agent $upstream_addr';
access_log /logs/nginx_access.log combined-upstream;
+ upstream controllers {
+ # fail_timeout: period of time the server will be considered unavailable
+ # Mark the controller as unavailable for at least 60 seconds, to not get any requests during restart.
+ # Otherwise, nginx would dispatch requests when the container is up, but the backend in the container not.
+ # From the docs:
+ # "normally, requests with a non-idempotent method (POST, LOCK, PATCH) are not passed to the next server if a request has been sent to an upstream server"
+ server controller.openwhisk:{{ controller.basePort }} fail_timeout=60s;
+ }
+
server {
listen 443 default ssl;
@@ -28,6 +37,9 @@ http {
ssl_session_timeout 10m;
ssl_certificate /etc/nginx/certs/openwhisk-cert.pem;
ssl_certificate_key /etc/nginx/certs/openwhisk-key.pem;
+ {% if nginx.ssl.password_enabled %}
+ ssl_password_file "/etc/nginx/{{ nginx.ssl.password_file }}";
+ {% endif %}
ssl_verify_client off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
@@ -39,7 +51,7 @@ http {
if ($namespace) {
rewrite /(.*) /api/v1/web/${namespace}/$1 break;
}
- proxy_pass http://{{ controller_host }}:{{ controller.port }};
+ proxy_pass http://controllers;
proxy_read_timeout 70s; # 60+10 additional seconds to allow controller to terminate request
}
@@ -48,7 +60,7 @@ http {
if ($namespace) {
rewrite ^ /api/v1/web/${namespace}/public/index.html break;
}
- proxy_pass http://{{ controller_host }}:{{ controller.port }};
+ proxy_pass http://controllers;
proxy_read_timeout 70s; # 60+10 additional seconds to allow controller to terminate request
}
@@ -57,7 +69,7 @@ http {
}
location /OpenWhiskIOSStarterApp.zip {
- return 301 https://github.com/openwhisk/openwhisk-client-swift/releases/download/0.2.3/starterapp-0.2.3.zip;
+ return 301 https://github.com/apache/incubator-openwhisk-client-swift/releases/download/0.2.3/starterapp-0.2.3.zip;
}
location /cli/go/download {
diff --git a/ansible-kube/templates/whisk.properties.j2 b/ansible-kube/templates/whisk.properties.j2
index 1ab149d..b49c8a4 100644
--- a/ansible-kube/templates/whisk.properties.j2
+++ b/ansible-kube/templates/whisk.properties.j2
@@ -10,8 +10,10 @@ whisk.logs.dir={{ whisk_logs_dir }}
whisk.version.name={{ whisk_version_name }}
whisk.version.date={{ whisk.version.date }}
whisk.version.buildno={{ docker_image_tag }}
-whisk.ssl.cert={{ openwhisk_home }}/ansible/roles/nginx/files/openwhisk-cert.pem
-whisk.ssl.key={{ openwhisk_home }}/ansible/roles/nginx/files/openwhisk-key.pem
+
+# only used for gradle test
+#whisk.ssl.cert={{ nginx.ssl.path }}/{{ nginx.ssl.cert }}
+#whisk.ssl.key={{ nginx.ssl.path }}/{{ nginx.ssl.key }}
whisk.ssl.challenge=openwhisk
{#
@@ -49,7 +51,6 @@ limits.triggers.fires.perMinute={{ limits.triggers.fires.perMinute }}
# DNS host resolution
consulserver.host={{ consul_host }}
invoker.hosts={{ invoker_hosts | join(",") }}
-controller.host={{ controller_host }}
kafka.host={{ kafka_host }}
zookeeper.host={{ zookeeper_host }}
edge.host={{ nginx_host }}
@@ -61,11 +62,9 @@ router.host={{ nginx_host }}
#
# consulserver.host={{ groups["consul_servers"]|first }}
# invoker.hosts={{ groups["invokers"] | join(",") }}
- # controller.host={{ groups["controllers"]|first }}
# kafka.host={{ groups["kafka"]|first }}
# zookeeper.host={{ groups["kafka"]|first }}
# edge.host={{ groups["edge"]|first }}
- # loadbalancer.host={{ groups["controllers"]|first }}
# router.host={{ groups["edge"]|first }}
#}
@@ -73,12 +72,19 @@ edge.host.apiport=443
zookeeper.host.port={{ zookeeper.port }}
kafka.host.port={{ kafka.port }}
kafkaras.host.port={{ kafka.ras.port }}
-controller.host.port={{ controller.port }}
-loadbalancer.host.port={{ controller.port }}
consul.host.port4={{ consul.port.http }}
consul.host.port5={{ consul.port.server }}
invoker.hosts.baseport={{ invoker_port }}
+
+controller.hosts={{ controller_host }}
+#controller.hosts={{ groups["controllers"] | join(",") }}
+
+controller.host.basePort={{ controller.basePort }}
+
+controller.instances=1
+#controller.instances={{ controller.instances }}
+
{#
# ports that are replaced
# using Kube stateful sets, we are able to get
@@ -91,11 +97,16 @@ invoker.hosts.baseport={{ invoker_port }}
invoker.container.network=bridge
invoker.container.policy={{ invoker_container_policy_name | default()}}
+invoker.container.dns={{ invoker_container_network_dns_servers | default()}}
invoker.numcore={{ invoker.numcore }}
invoker.coreshare={{ invoker.coreshare }}
invoker.serializeDockerOp={{ invoker.serializeDockerOp }}
invoker.serializeDockerPull={{ invoker.serializeDockerPull }}
invoker.useRunc={{ invoker_use_runc | default(invoker.useRunc) }}
+invoker.useReactivePool={{ invoker.useReactivePool }}
+
+invoker.instances={{ invoker_count }}
+#invoker.instances={{ invoker.instances }}
consulserver.docker.endpoint={{ groups["consul_servers"]|first }}:{{ docker.port }}
edge.docker.endpoint={{ groups["edge"]|first }}:{{ docker.port }}
@@ -103,10 +114,10 @@ kafka.docker.endpoint={{ groups["kafka"]|first }}:{{ docker.port }}
main.docker.endpoint={{ groups["controllers"]|first }}:{{ docker.port }}
# configure to use the public docker images
+#docker.image.prefix={{ docker_image_prefix }}
docker.image.prefix=openwhisk
docker.registry={{ docker_registry }}
-#docker.image.prefix={{ docker_image_prefix }}
#use.docker.registry=false
docker.port={{ docker.port }}
docker.timezone.mount=
@@ -132,4 +143,4 @@ apigw.auth.pwd={{apigw_auth_pwd}}
apigw.host={{apigw_host}}
apigw.host.v2={{apigw_host_v2}}
-loadbalancer.activationCountBeforeNextInvoker={{ loadbalancer_activation_count_before_next_invoker | default(10) }}
+loadbalancer.invokerBusyThreshold={{ invoker.busyThreshold }}
--
To stop receiving notification emails like this one, please contact
['"commits@openwhisk.apache.org" <co...@openwhisk.apache.org>'].