omersch381
Contributor

mod_wsgi is being removed from upstream sources but OpenStack APIs are still using it downstream, which is very concerning.

This patch replaces mod_wsgi with uwsgi.

@openshift-ci openshift-ci bot requested review from lewisdenny and slagle June 5, 2025 10:01
Contributor

openshift-ci bot commented Jun 5, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: omersch381
Once this PR has been reviewed and has the lgtm label, please assign seanmooney for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@omersch381
Contributor Author

/hold


Build failed (check pipeline). Post recheck (without leading slash)
to rerun all jobs. Make sure the failure cause has been resolved before
you rerun jobs.

https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/40482290cefc465795b827451d4535fb

openstack-meta-content-provider FAILURE in 20m 07s
⚠️ tcib-crc-podified-edpm-baremetal SKIPPED Skipped due to failed job openstack-meta-content-provider
⚠️ tcib-podified-multinode-edpm-deployment-crc SKIPPED Skipped due to failed job openstack-meta-content-provider

omersch381 added a commit to omersch381/designate-operator that referenced this pull request Jun 5, 2025
mod_wsgi is being removed from upstream sources but OpenStack APIs are still
using it downstream, which is very concerning.

This patch aims to replace mod_wsgi with uwsgi.

Depends-On: openstack-k8s-operators/tcib#282

@bogdando bogdando left a comment


Multiple services do use mod_wsgi. If there is upgrade impact for rhel/centos 10 related to this package, please create a jira issue and link it here.
My concern is that we should get this acked by the release delivery team; I am not sure the uwsgi switch would be straightforward.

@SeanMooney FYI

@SeanMooney
Contributor

mod_wsgi is being removed from upstream sources but OpenStack APIs are still using it downstream, which is very concerning.

This patch replaces mod_wsgi with uwsgi.

that is not actually correct.

we simply changed how we package the wsgi application within the git trees.
this does not alter whether mod_wsgi is supported or not.

for what it's worth i would like to see us move to gunicorn, uvicorn or uwsgi.

so i don't necessarily see a problem with designate moving now.

we filed https://issues.redhat.com/browse/RHOSSTRAT-220 in 2023 because we wanted to initially do this before 18 released to slim down our containers.

for nova/placement the switch would be pretty easy provided we have the package.

the main concern is with ssl termination and ensuring we can still terminate it in the api pod.
terminating ssl at the openshift router only instead of in the api pod would be a regression from a security point of view and running apache just for tls termination in a sidecar container to delegate to uwsgi like we do in devstack would defeat the original goal of slimming down the containers.

designate-operator can simply provide a wsgi file or point mod_wsgi at the python module that was added upstream as part of adding support for pyproject.toml and the module based wsgi support

@SeanMooney
Contributor

by the way if i understand the current patch correctly the intent was to continue to run apache with mod_ssl to do the tls termination and uwsgi as a second container in the same pod to actually run the actual designate api.

this is exactly how we test with devstack and is a production ready solution so it might be a first step in the process of removing apache.

i agree with bogdando about checking with the release team to ensure there are no packaging concerns with uwsgi before proceeding.

uwsgi is currently in maintenance mode which is why i suggested gunicorn which is more maintained and used by some projects like ironic upstream.

@cmsj

cmsj commented Jun 9, 2025

@SeanMooney I think that Jira probably needs to be swapped out for something else - it's asking for action before we even know what that action would be and whether release teams can support it. I don't see any pressing need to do this in 18 though?
