Skip to content

Commit

Permalink
Added http2 support in Mission Portal with apache and php-fpm
Browse files Browse the repository at this point in the history
Ticket: ENT-11440
Changelog: title
  • Loading branch information
craigcomstock committed Oct 22, 2024
1 parent f159c28 commit 9f38d1e
Show file tree
Hide file tree
Showing 6 changed files with 743 additions and 2 deletions.
65 changes: 64 additions & 1 deletion cfe_internal/enterprise/mission_portal.cf
Original file line number Diff line number Diff line change
@@ -1,9 +1,56 @@
bundle agent cfe_internal_enterprise_mission_portal
{
meta:

"description" string => "Manage mission portal configuration";

classes:
"mission_portal_http2_enabled"
expression => and(
fileexists("$(sys.workdir)/httpd/php/sbin/php-fpm"),
fileexists("$(sys.workdir)/httpd/modules/mod_http2.so")
),
scope => "namespace", # so it is visible in datastate() used in httpd.conf template rendering in bundle cfe_internal_enterprise_mission_portal_apache
comment => "If php-fpm and mod_http2.so are present then http2 is enabled
and we use this class in httpd.conf to configure accordingly.";
vars:
policy_server.enterprise_edition.mission_portal_http2_enabled::
"php_fpm_pid_file" string => $(sys.workdir)/httpd/php-fpm.pid";
"php_fpm_www_pool_max_children" string => ifelse(
isvariable("default:def.php_fpm_www_pool_max_children"),
"$(default:def.php_fpm_www_pool_max_children)",
"50");
"php_fpm_www_pool_start_servers" string => ifelse(
isvariable("default:def.php_fpm_www_pool_start_servers"),
"$(default:def.php_fpm_www_pool_start_servers)",
"40");
"php_fpm_www_pool_min_spare_servers" string => ifelse(
isvariable("default:def.php_fpm_www_pool_min_spare_servers"),
"$(default:def.php_fpm_www_pool_min_spare_servers)",
"35");
"php_fpm_www_pool_max_spare_servers" string => ifelse(
isvariable("default:def.php_fpm_www_pool_max_spare_servers"),
"$(default:def.php_fpm_www_pool_max_spare_servers)",
"45");
"php_fpm_state" data => mergedata(
'{"vars": { "sys": { "workdir": "${default:sys.workdir}" } } }',
'{
"max_children":"${php_fpm_www_pool_max_children}",
"start_servers":"${php_fpm_www_pool_start_servers}",
"min_spare_servers":"${php_fpm_www_pool_min_spare_servers}",
"max_spare_servers":"${php_fpm_www_pool_max_spare_servers}"
}');

reports:
DEBUG::
"Using variable default:def.php_fpm_www_pool_max_children: ${default:def.php_fpm_www_pool_max_children} instead of built-in default"
if => isvariable("default:def.php_fpm_www_pool_max_children");
"Using variable default:def.php_fpm_www_pool_start_servers: ${default:def.php_fpm_www_pool_start_servers} instead of built-in default"
if => isvariable("default:def.php_fpm_www_pool_start_servers");
"Using variable default:def.php_fpm_www_pool_min_spare_servers: ${default:def.php_fpm_www_pool_min_spare_servers} instead of built-in default"
if => isvariable("default:def.php_fpm_www_pool_min_spare_servers");
"Using variable default:def.php_fpm_www_pool_max_spare_servers: ${default:def.php_fpm_www_pool_max_spare_servers} instead of built-in default"
if => isvariable("default:def.php_fpm_www_pool_max_spare_servers");

methods:

policy_server::
Expand All @@ -15,7 +62,23 @@ bundle agent cfe_internal_enterprise_mission_portal
handle => "cfe_internal_management_web_server",
comment => "Manage Apache Web server (on/off)";

policy_server.mission_portal_http2_enabled::
"PHP FastCGI process manager"
usebundle => service_config(
"cf-php-fpm",
"$(this.promise_dirname)/templates/php-fpm.conf.mustache",
"$(sys.workdir)/httpd/php/etc/php-fpm.conf",
"$(sys.workdir)/httpd/php/sbin/php-fpm -t --fpm-config ",
@(php_fpm_state),
"$(php_fpm_pid_file)"
);

services:
policy_server.mission_portal_http2_enabled::
"cf-php-fpm"
service_policy => "start";
}

bundle agent apachectl_patched_for_upgrade
# @brief Ensure that apacehctl is patched so that it is able to re-start services
#
Expand Down
23 changes: 22 additions & 1 deletion cfe_internal/enterprise/templates/httpd.conf.mustache
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,12 @@ DocumentRoot "{{{vars.cfe_internal_hub_vars.public_docroot}}}"
</FilesMatch>

ErrorLog "logs/error_log"
{{#data:cfengine_enterprise_mission_portal_debug_php_fpm}}
LogLevel warn rewrite:trace6 proxy:debug proxy_fcgi:debug dir:debug
{{/data:cfengine_enterprise_mission_portal_debug_php_fpm}}
{{^data:cfengine_enterprise_mission_portal_debug_php_fpm}}
LogLevel warn
{{/data:cfengine_enterprise_mission_portal_debug_php_fpm}}

<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
Expand Down Expand Up @@ -244,10 +249,26 @@ LogLevel warn
</IfModule>


{{#classes.mission_portal_http2_enabled}}
# Use mod_http2
LoadModule http2_module modules/mod_http2.so
# Prefer http2 protocol
Protocols h2 h2c http/1.1

# Setup php to be handled by php-fpm. Required for use of mod_http2 due to threading issues in php.
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
# Need to pass auth headers to fpm
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
{{/classes.mission_portal_http2_enabled}}
{{^classes.mission_portal_http2_enabled}}
LoadModule php{{{vars.cfe_internal_hub_vars.php_version}}}_module modules/libphp{{{vars.cfe_internal_hub_vars.php_version}}}.so
AddHandler php{{{vars.cfe_internal_hub_vars.php_version}}}-script .php
AddType application/x-httpd-php-source php{{{vars.cfe_internal_hub_vars.php_version}}}

{{/classes.mission_portal_http2_enabled}}

<Directory "{{{vars.cfe_internal_hub_vars.public_docroot}}}">

Expand Down
Loading

0 comments on commit 9f38d1e

Please sign in to comment.