ondemand
ondemand copied to clipboard
OSC
nginx stage configuration is not possible
ISSUE: Add ability to change configuration strings like pun_access_log_path and other config variables that have defaults set in nginx_stage/lib/nginx_stage/configuration.rb
Found Bugs in apache httpd 2.4 and the current ondemand source (master branch); because of the apache httpd bugs a patch may depend on what version of apache httpd 2.4 is used. I expect that some GNU/Linux distributions already patch apache httpd.
I wish to change some of the default configuration strings, at start up time, that are set in nginx_stage/lib/nginx_stage/configuration.rb. An interface to do this is defined in nginx_stage/lib/nginx_stage.rb by setting env variable NGINX_STAGE_CONFIG_FILE.
Hence NGINX_STAGE_CONFIG_FILE must be set in the apache httpd.conf file which is a way variables are passed to server back end scripts.
- Apache httpd BUGS Apache httpd 2.4 bugs, in many latest versions near and around 2.4.41 SetEnv does not work for lua scripts. Workaround use IfSetEnv. Leads to another bug. IfSetEnv does not support strings with spaces so doing SetEnvIf Request_Method . OOD_PUN_STAGE_CMD="sudo @ONDEMAND_PREFIX@/nginx_stage/sbin/nginx_stage" does not work. So a workaround can be to make a wrapper script that calls "exec sudo cmd" so that there will be no space in the path to the wrapper script.
- ondemand BUG Adding this next line to conf/httpd.conf lets us tell the lua scripts this variable value SetEnvIf Request_Method . NGINX_STAGE_CONFIG_FILE=@ROOTDIR@/conf/nginx_stage.yml But the lua script does not push any environment variables to the call to mod_ood_proxy/lib/ood/nginx_stage.lua: local handle = io.popen(cmd, "r") It seems crazy to me but Lua does not seem to support setenv() but if the shell that popen() launches is bash you can set environment variables in the command line like so:
cmd = "NGINX_STAGE_CONFIG_FILE=/home/lance/git/OpenOnDemand/ood_example_service_01/conf/nginx_stage.yml " .. cmd local handle = io.popen(cmd, "r") -- nginx_stage.lua: line 68 master branch
Now I see my conf/nginx_stage.yml is being parsed in the server spew/logs.
Many other variables can be added to the bash command line like so:
cmd = "FOO=bar FOO2=bar2 FOO3=bar3 my_command"
I'm trying to run an ondemand service on ubuntu and debian. I doubt I can do that without configuration working.
--lance
┆Issue is synchronized with this Asana task by Unito
So to clarify, you are having problems with https://github.com/OSC/ondemand/blob/ad4be2929565d23e195d5b54f61af411d88e6031/nginx_stage/lib/nginx_stage.rb#L34-L36 because you want to use an nginx_stage.yml that is in a different location than the default location /etc/ood/config/nginx_stage.yml for customization? If you can use /etc/ood/config/nginx_stage.yml then you do not need to set NGINX_STAGE_CONFIG_FILE. An alternative is if you create an /etc/ood/profile that sets NGINX_STAGE_CONFIG_FILE. That profile is loaded by the nginx_stage script:
https://github.com/OSC/ondemand/blob/ad4be2929565d23e195d5b54f61af411d88e6031/nginx_stage/sbin/nginx_stage#L18-L20
Yes, "different location than the default location /etc/ood/config/nginx_stage.yml for customization".
Does anyone in the group know about these apache httpd BUGS? I would think that would be important to know.
@treydock may know, though we have a downtime tomorrow so it may be Wednesday or Thursday before we have a response
I am not aware of those bugs. Why not customize /etc/ood/config/nginx_stage.yml? Or Eric's alternative of setting environment variables in /etc/ood/profile? We are at RedHat's mercy for fixing bugs in SCL Apache or OS Apache in RHEL8. I could try opening a case with RedHat but no guarantees that would go anywhere.
@lanceman2 have you tried modifying the way Apache starts to set the environment variable beforehand? SetEnv doesn't set the OS env just the Apache "env".
Actually my suggestion wouldn't work if sudo is not passed -E. Apache’s env would just be stripped. If that’s the case then that is an oversight because it would seem that you couldn’t easily configure OnDemand with config files that are not under /etc/ood/...
This worked for me on CentOS7, so there may be something comparable for Ubuntu and Debian.
-
In the systemd file startup file for Apache (or whatever comparable startup file you are using) set the environment variable
NGINX_STAGE_CONFIG_FILE- https://coreos.com/os/docs/latest/using-environment-variables-in-systemd-units.html. For example, I edited/etc/systemd/system/httpd24-httpd.service.d/ood.confby adding this line to the bottom of the file:Environment=NGINX_STAGE_CONFIG_FILE=/home/vagrant/nginx_stage.yml -
In the sudoers file to enable Apache to execute nginx_stage, pass through the environment variable
NGINX_STAGE_CONFIG_FILE- https://wiki.archlinux.org/index.php/Sudo#Environment_variables. For example, I edited/etc/sudoers.d/oodadding this line in the middle of the file:Defaults env_keep += "NGINX_STAGE_CONFIG_FILE"
The result is:
[vagrant@localhost ~]$ sudo cat /etc/sudoers.d/ood
Defaults:apache !requiretty, !authenticate
Defaults env_keep += "NGINX_STAGE_CONFIG_FILE"
apache ALL=(ALL) NOPASSWD: /opt/ood/nginx_stage/sbin/nginx_stage
and
[vagrant@localhost ~]$ cat /etc/systemd/system/httpd24-httpd.service.d/ood.conf
[Service]
KillSignal=SIGTERM
KillMode=process
PrivateTmp=false
Environment=NGINX_STAGE_CONFIG_FILE=/home/vagrant/nginx_stage.yml
To verify this worked, I changed /home/vagrant/nginx_stage.yml so
pun_custom_env:
OOD_DASHBOARD_TITLE: "OSC OnDemand"
was in the file, and that successfully set the env var OOD_DASHBOARD_TITLE for all the apps and changed the title of the Dashboard in the top left corner.
Sorry for the delay,
Our team reviewed this issue and we're unable to replicate the bugs. We provided a workaround and we provide packages for Ubuntu and Debian now, so configuration for the nginx_stage should work. If there are any new issues please let us know and open an issue in Github.
Thanks!
