Installing Neutron API via WSGI
This document is a guide to deploying neutron using WSGI. There are
two ways to deploy using WSGI: uwsgi
and Apache
mod_wsgi
.
Please note that if you intend to use mode uwsgi, you should install
the mode_proxy_uwsgi
module. For example on deb-based
system:
# sudo apt-get install libapache2-mod-proxy-uwsgi
# sudo a2enmod proxy
# sudo a2enmod proxy_uwsgi
WSGI Application
The function neutron.server.get_application
will setup a
WSGI application to run behind uwsgi and mod_wsgi.
Neutron API behind uwsgi
Create a /etc/neutron/neutron-api-uwsgi.ini
file with
the content below:
[uwsgi]
chmod-socket = 666
socket = /var/run/uwsgi/neutron-api.socket
lazy-apps = true
add-header = Connection: close
buffer-size = 65535
hook-master-start = unix_signal:15 gracefully_kill_them_all
thunder-lock = true
plugins = python
enable-threads = true
worker-reload-mercy = 90
exit-on-reload = false
die-on-term = true
master = true
processes = 2
wsgi-file = <path-to-neutron-bin-dir>/neutron-api
Start neutron-api:
# uwsgi --procname-prefix neutron-api --ini /etc/neutron/neutron-api-uwsgi.ini
Neutron API behind mod_wsgi
Create /etc/apache2/neutron.conf
with content below:
Listen 9696
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %D(us)" neutron_combined
<Directory /usr/local/bin>
Require all granted
</Directory>
<VirtualHost *:9696>
WSGIDaemonProcess neutron-server processes=1 threads=1 user=stack display-name=%{GROUP}
WSGIProcessGroup neutron-server
WSGIScriptAlias / <path-to-neutron-bin-dir>/neutron-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "%M"
ErrorLog /var/log/neutron/neutron.log
CustomLog /var/log/neutron/neutron_access.log neutron_combined
</VirtualHost>
Alias /networking <path-to-neutron-bin-dir>/neutron-api
<Location /networking>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup neutron-server
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
WSGISocketPrefix /var/run/apache2
For deb-based systems copy or symlink the file to
/etc/apache2/sites-available
. Then enable the neutron
site:
# a2ensite neutron
# systemctl reload apache2.service
For rpm-based systems copy the file to
/etc/httpd/conf.d
. Then enable the neutron site:
# systemctl reload httpd.service
Start Neutron RPC server
When Neutron API is served by a web server (like Apache2) it is
difficult to start an rpc listener thread. So start the Neutron RPC
server process to serve this job:
# /usr/bin/neutron-rpc-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
Neutron Worker Processes
Neutron will attempt to spawn a number of child processes for
handling API and RPC requests. The number of API workers is set to the
number of CPU cores, further limited by available memory, and the number
of RPC workers is set to half that number.
It is strongly recommended that all deployers set these values
themselves, via the api_workers and rpc_workers configuration
parameters.
For a cloud with a high load to a relatively small number of objects,
a smaller value for api_workers will provide better performance than
many (somewhere around 4-8.) For a cloud with a high load to lots of
different objects, then the more the better. Budget neutron-server using
about 2GB of RAM in steady-state.
For rpc_workers, there needs to be enough to keep up with incoming
events from the various neutron agents. Signs that there are too few can
be agent heartbeats arriving late, nova vif bindings timing out on the
hypervisors, or rpc message timeout exceptions in agent logs.