Implement Ansible role for Swift
This currently deploys the core services for a working Swift which are account/container/object/proxy. I've included some basic docs in docs/swift-related.rst, which gives usage instructions and more context on this patch. These are really to give an overview of the state of Swift in Kolla as of now, so unless there's some major inaccuracy there please don't nitpick it. Change-Id: Id0c54be3e24c46459c40b16b7020f05bddbe1b19 Implements: blueprint ansible-swift
This commit is contained in:
parent
32d48e6fb7
commit
515cf2af68
@ -91,6 +91,10 @@ cinder_api_port: "8776"
|
||||
|
||||
memcached_port: "11211"
|
||||
|
||||
swift_proxy_server_port: "8080"
|
||||
swift_object_server_port: "6000"
|
||||
swift_account_server_port: "6001"
|
||||
swift_container_server_port: "6002"
|
||||
|
||||
####################
|
||||
# Openstack options
|
||||
@ -130,6 +134,7 @@ enable_rabbitmq: "yes"
|
||||
# Additional optional OpenStack services are specified here
|
||||
enable_cinder: "no"
|
||||
enable_horizon: "yes"
|
||||
enable_swift: "no"
|
||||
|
||||
####################
|
||||
# RabbitMQ options
|
||||
|
@ -45,6 +45,9 @@ control
|
||||
[horizon:children]
|
||||
control
|
||||
|
||||
[swift:children]
|
||||
control
|
||||
|
||||
|
||||
# Additional control implemented here. These groups allow you to control which
|
||||
# services run on which hosts at a per-service level.
|
||||
@ -95,3 +98,16 @@ cinder
|
||||
|
||||
[cinder-volume:children]
|
||||
storage
|
||||
|
||||
# Swift
|
||||
[swift-proxy-server:children]
|
||||
swift
|
||||
|
||||
[swift-account-server:children]
|
||||
storage
|
||||
|
||||
[swift-container-server:children]
|
||||
storage
|
||||
|
||||
[swift-object-server:children]
|
||||
storage
|
||||
|
@ -51,6 +51,9 @@ control
|
||||
[horizon:children]
|
||||
control
|
||||
|
||||
[swift:children]
|
||||
control
|
||||
|
||||
|
||||
# Additional control implemented here. These groups allow you to control which
|
||||
# services run on which hosts at a per-service level.
|
||||
@ -101,3 +104,16 @@ cinder
|
||||
|
||||
[cinder-volume:children]
|
||||
storage
|
||||
|
||||
# Swift
|
||||
[swift-proxy-server:children]
|
||||
storage
|
||||
|
||||
[swift-account-server:children]
|
||||
storage
|
||||
|
||||
[swift-container-server:children]
|
||||
storage
|
||||
|
||||
[swift-object-server:children]
|
||||
storage
|
||||
|
58
ansible/roles/swift/defaults/main.yml
Normal file
58
ansible/roles/swift/defaults/main.yml
Normal file
@ -0,0 +1,58 @@
|
||||
---
|
||||
project_name: "swift"
|
||||
|
||||
####################
|
||||
# Docker
|
||||
####################
|
||||
swift_proxy_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-proxy-server"
|
||||
swift_proxy_server_tag: "{{ openstack_release }}"
|
||||
swift_proxy_server_image_full: "{{ swift_proxy_server_image }}:{{ swift_proxy_server_tag }}"
|
||||
|
||||
swift_data_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-data"
|
||||
swift_data_tag: "{{ openstack_release }}"
|
||||
swift_data_image_full: "{{ swift_data_image }}:{{ swift_data_tag }}"
|
||||
|
||||
swift_account_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-account-server"
|
||||
swift_account_server_tag: "{{ openstack_release }}"
|
||||
swift_account_server_image_full: "{{ swift_account_server_image }}:{{ swift_account_server_tag }}"
|
||||
|
||||
swift_container_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-container-server"
|
||||
swift_container_server_tag: "{{ openstack_release }}"
|
||||
swift_container_server_image_full: "{{ swift_container_server_image }}:{{ swift_container_server_tag }}"
|
||||
|
||||
swift_object_auditor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-auditor"
|
||||
swift_object_auditor_tag: "{{ openstack_release }}"
|
||||
swift_object_auditor_image_full: "{{ swift_object_auditor_image }}:{{ swift_object_auditor_tag }}"
|
||||
|
||||
swift_object_expirer_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-expirer"
|
||||
swift_object_expirer_tag: "{{ openstack_release }}"
|
||||
swift_object_expirer_image_full: "{{ swift_object_expirer_image }}:{{ swift_object_expirer_tag }}"
|
||||
|
||||
swift_object_replicator_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-replicator"
|
||||
swift_object_replicator_tag: "{{ openstack_release }}"
|
||||
swift_object_replicator_image_full: "{{ swift_object_replicator_image }}:{{ swift_object_replicator_tag }}"
|
||||
|
||||
swift_object_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-server"
|
||||
swift_object_server_tag: "{{ openstack_release }}"
|
||||
swift_object_server_image_full: "{{ swift_object_server_image }}:{{ swift_object_server_tag }}"
|
||||
|
||||
swift_object_updater_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-updater"
|
||||
swift_object_updater_tag: "{{ openstack_release }}"
|
||||
swift_object_updater_image_full: "{{ swift_object_updater_image }}:{{ swift_object_updater_tag }}"
|
||||
|
||||
####################
|
||||
# Openstack
|
||||
####################
|
||||
swift_public_address: "{{ kolla_external_address }}"
|
||||
swift_admin_address: "{{ kolla_internal_address }}"
|
||||
swift_internal_address: "{{ kolla_internal_address }}"
|
||||
|
||||
swift_logging_verbose: "{{ openstack_logging_verbose }}"
|
||||
swift_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
swift_keystone_user: "swift"
|
||||
swift_admin_tenant_name: "admin"
|
||||
|
||||
swift_devices_mount_point: "/srv/node"
|
||||
|
||||
openstack_swift_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
4
ansible/roles/swift/meta/main.yml
Normal file
4
ansible/roles/swift/meta/main.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
dependencies:
|
||||
- { role: common }
|
||||
- { role: memcached }
|
19
ansible/roles/swift/tasks/bootstrap.yml
Normal file
19
ansible/roles/swift/tasks/bootstrap.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
- name: Starting Swift data container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_data
|
||||
image: "{{ swift_data_image_full }}"
|
||||
volumes:
|
||||
- "/srv/node/sdb1"
|
||||
- "/srv/node/sdb2"
|
||||
- "/srv/node/sdb3"
|
84
ansible/roles/swift/tasks/config.yml
Normal file
84
ansible/roles/swift/tasks/config.yml
Normal file
@ -0,0 +1,84 @@
|
||||
---
|
||||
# TODO(pbourke): There needs to be one swift.conf generated per service for updates to work
|
||||
# correctly. Figure out a way (with_items seems to not be allowed when using include)
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift"
|
||||
config_source:
|
||||
- "roles/swift/templates/swift.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/swift.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/swift.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/swift.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/swift.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/swift.conf"
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-proxy-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/proxy-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/proxy-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/proxy-server.conf"
|
||||
when: inventory_hostname in groups['swift-proxy-server']
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-account-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/account-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/account-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/account-server.conf"
|
||||
when: inventory_hostname in groups['swift-account-server']
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-container-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/container-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/container-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/container-server.conf"
|
||||
when: inventory_hostname in groups['swift-container-server']
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-object-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/object-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/object-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/object-server.conf"
|
||||
when: inventory_hostname in groups['swift-object-server']
|
||||
|
||||
- name: Copying over Swift ring files
|
||||
copy:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
backup: yes
|
||||
with_items:
|
||||
- { src: "/etc/kolla/config/swift/object.ring.gz",
|
||||
dest: "{{ node_config_directory }}/swift/object.ring.gz" }
|
||||
- { src: "/etc/kolla/config/swift/container.ring.gz",
|
||||
dest: "{{ node_config_directory }}/swift/container.ring.gz" }
|
||||
- { src: "/etc/kolla/config/swift/account.ring.gz",
|
||||
dest: "{{ node_config_directory }}/swift/account.ring.gz" }
|
8
ansible/roles/swift/tasks/main.yml
Normal file
8
ansible/roles/swift/tasks/main.yml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
- include: register.yml
|
||||
|
||||
- include: config.yml
|
||||
|
||||
- include: bootstrap.yml
|
||||
|
||||
- include: start.yml
|
37
ansible/roles/swift/tasks/register.yml
Normal file
37
ansible/roles/swift/tasks/register.yml
Normal file
@ -0,0 +1,37 @@
|
||||
---
|
||||
- name: Creating the Swift service and endpoint
|
||||
command: docker exec -t kolla_ansible /usr/bin/ansible localhost
|
||||
-m kolla_keystone_service
|
||||
-a "service_name=swift
|
||||
service_type=object-store
|
||||
description='Openstack Object Storage'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}'
|
||||
internal_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
|
||||
public_url='http://{{ kolla_external_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_swift_auth }}' }}"
|
||||
-e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
|
||||
register: swift_endpoint
|
||||
changed_when: "{{ swift_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (swift_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
|
||||
until: swift_endpoint.stdout.split()[2] == 'SUCCESS'
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
|
||||
- name: Creating the Swift project, user, and role
|
||||
command: docker exec -t kolla_ansible /usr/bin/ansible localhost
|
||||
-m kolla_keystone_user
|
||||
-a "project=service
|
||||
user={{ swift_keystone_user }}
|
||||
password={{ swift_keystone_password }}
|
||||
role={{ swift_admin_tenant_name }}
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_swift_auth }}' }}"
|
||||
-e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
|
||||
register: swift_user
|
||||
changed_when: "{{ swift_user.stdout.find('localhost | SUCCESS => ') != -1 and (swift_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
|
||||
until: swift_user.stdout.split()[2] == 'SUCCESS'
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
92
ansible/roles/swift/tasks/start.yml
Normal file
92
ansible/roles/swift/tasks/start.yml
Normal file
@ -0,0 +1,92 @@
|
||||
---
|
||||
- name: Starting Swift Proxy Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_proxy_server
|
||||
image: "{{ swift_proxy_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-proxy-server/:/opt/kolla/swift-proxy-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-proxy-server']
|
||||
|
||||
- name: Starting Swift Account Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_account_server
|
||||
image: "{{ swift_account_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-account-server/:/opt/kolla/swift-account-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-account-server']
|
||||
|
||||
- name: Starting Swift Container Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_container_server
|
||||
image: "{{ swift_container_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-container-server/:/opt/kolla/swift-container-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-container-server']
|
||||
|
||||
- name: Starting Swift Object Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_object_server
|
||||
image: "{{ swift_object_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-object-server/:/opt/kolla/swift-object-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-object-server']
|
11
ansible/roles/swift/templates/account-server.conf.j2
Normal file
11
ansible/roles/swift/templates/account-server.conf.j2
Normal file
@ -0,0 +1,11 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_account_server_port }}
|
||||
devices = {{ swift_devices_mount_point }}
|
||||
mount_check = false
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = account-server
|
||||
|
||||
[app:account-server]
|
||||
use = egg:swift#account
|
11
ansible/roles/swift/templates/container-server.conf.j2
Normal file
11
ansible/roles/swift/templates/container-server.conf.j2
Normal file
@ -0,0 +1,11 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_container_server_port }}
|
||||
devices = {{ swift_devices_mount_point }}
|
||||
mount_check = false
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = container-server
|
||||
|
||||
[app:container-server]
|
||||
use = egg:swift#container
|
11
ansible/roles/swift/templates/object-server.conf.j2
Normal file
11
ansible/roles/swift/templates/object-server.conf.j2
Normal file
@ -0,0 +1,11 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_object_server_port }}
|
||||
devices = {{ swift_devices_mount_point }}
|
||||
mount_check = false
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = object-server
|
||||
|
||||
[app:object-server]
|
||||
use = egg:swift#object
|
57
ansible/roles/swift/templates/proxy-server.conf.j2
Normal file
57
ansible/roles/swift/templates/proxy-server.conf.j2
Normal file
@ -0,0 +1,57 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_proxy_server_port }}
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk ratelimit authtoken keystoneauth slo dlo proxy-server
|
||||
|
||||
[app:proxy-server]
|
||||
use = egg:swift#proxy
|
||||
allow_account_management = true
|
||||
account_autocreate = true
|
||||
|
||||
[filter:cache]
|
||||
use = egg:swift#memcache
|
||||
memcache_servers = {% for host in groups['swift-proxy-server'] %}{{ hostvars[host]['ansible_' + api_interface]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||
|
||||
[filter:catch_errors]
|
||||
use = egg:swift#catch_errors
|
||||
|
||||
[filter:healthcheck]
|
||||
use = egg:swift#healthcheck
|
||||
|
||||
[filter:proxy-logging]
|
||||
use = egg:swift#proxy_logging
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
|
||||
auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
|
||||
auth_plugin = password
|
||||
project_domain_id = default
|
||||
user_domain_id = default
|
||||
project_name = service
|
||||
username = {{ swift_keystone_user }}
|
||||
password = {{ swift_keystone_password }}
|
||||
|
||||
[filter:keystoneauth]
|
||||
use = egg:swift#keystoneauth
|
||||
operator_roles = admin,user
|
||||
|
||||
[filter:container_sync]
|
||||
use = egg:swift#container_sync
|
||||
|
||||
[filter:bulk]
|
||||
use = egg:swift#bulk
|
||||
|
||||
[filter:ratelimit]
|
||||
use = egg:swift#ratelimit
|
||||
|
||||
[filter:gatekeeper]
|
||||
use = egg:swift#gatekeeper
|
||||
|
||||
[filter:slo]
|
||||
use = egg:swift#slo
|
||||
|
||||
[filter:dlo]
|
||||
use = egg:swift#dlo
|
3
ansible/roles/swift/templates/swift.conf.j2
Normal file
3
ansible/roles/swift/templates/swift.conf.j2
Normal file
@ -0,0 +1,3 @@
|
||||
[swift-hash]
|
||||
swift_hash_path_suffix = {{ swift_hash_path_suffix }}
|
||||
swift_hash_path_prefix = {{ swift_hash_path_prefix }}
|
@ -15,6 +15,10 @@
|
||||
roles:
|
||||
- { role: keystone, tags: keystone, when: enable_keystone | bool }
|
||||
|
||||
- hosts: [swift-proxy-server, swift-account-server, swift-object-server, swift-container-server ]
|
||||
roles:
|
||||
- { role: swift, tags: swift, when: enable_swift | bool }
|
||||
|
||||
- hosts: [glance-api, glance-registry]
|
||||
roles:
|
||||
- { role: glance, tags: glance, when: enable_glance | bool }
|
||||
|
@ -1,18 +1,19 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
SOURCE_ACCOUNT_SERVER="/opt/kolla/swift/account-server.conf"
|
||||
TARGET_ACCOUNT_SERVER="/etc/swift/account-server.conf"
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f /opt/kolla/swift/swift.conf ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/
|
||||
chown swift: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "$SOURCE_ACCOUNT_SERVER" ]]; then
|
||||
cp $SOURCE_ACCOUNT_SERVER $TARGET_ACCOUNT_SERVER
|
||||
chown ${OWNER}: $TARGET_ACCOUNT_SERVER
|
||||
chmod 0640 $TARGET_ACCOUNT_SERVER
|
||||
if [[ -f "/opt/kolla/swift/account.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/account.ring.gz /etc/swift/account.ring.gz
|
||||
chown swift: /etc/swift/account.ring.gz
|
||||
chmod 0640 /etc/swift/account.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f /opt/kolla/swift-account-server/account-server.conf ]]; then
|
||||
cp /opt/kolla/swift-account-server/account-server.conf /etc/swift/
|
||||
chown swift: /etc/swift/account-server.conf
|
||||
chmod 0640 /etc/swift/account-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/account-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -1,9 +1,3 @@
|
||||
#!/bin/bash
|
||||
|
||||
. /opt/kolla/kolla-common.sh
|
||||
|
||||
check_required_vars SWIFT_HASH_PATH_SUFFIX
|
||||
|
||||
cfg=/etc/swift/swift.conf
|
||||
|
||||
crudini --set $cfg swift-hash swift_hash_path_suffix "${SWIFT_HASH_PATH_SUFFIX}"
|
||||
chown -R swift: /srv/node
|
||||
|
@ -1,18 +1,21 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
SOURCE_CONTAINER_SERVER="/opt/kolla/swift/container-server.conf"
|
||||
TARGET_CONTAINER_SERVER="/etc/swift/container-server.conf"
|
||||
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
|
||||
chown ${OWNER}: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "$SOURCE_CONTAINER_SERVER" ]]; then
|
||||
cp $SOURCE_CONTAINER_SERVER $TARGET_CONTAINER_SERVER
|
||||
chown ${OWNER}: $TARGET_CONTAINER_SERVER
|
||||
chmod 0640 $TARGET_CONTAINER_SERVER
|
||||
if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
|
||||
chown ${OWNER}: /etc/swift/container.ring.gz
|
||||
chmod 0640 /etc/swift/container.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift-container-server/container-server.conf" ]]; then
|
||||
cp /opt/kolla/swift-container-server/container-server.conf /etc/swift/container-server.conf
|
||||
chown ${OWNER}: /etc/swift/container-server.conf
|
||||
chmod 0640 /etc/swift/container-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/container-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -1,18 +1,27 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
SOURCE_OBJECT_SERVER="/opt/kolla/swift/object-server.conf"
|
||||
TARGET_OBJECT_SERVER="/etc/swift/object-server.conf"
|
||||
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
|
||||
chown ${OWNER}: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "$SOURCE_OBJECT_SERVER" ]]; then
|
||||
cp $SOURCE_OBJECT_SERVER $TARGET_OBJECT_SERVER
|
||||
chown ${OWNER}: $TARGET_OBJECT_SERVER
|
||||
chmod 0640 $TARGET_OBJECT_SERVER
|
||||
if [[ -f "/opt/kolla/swift/object.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/object.ring.gz /etc/swift/object.ring.gz
|
||||
chown ${OWNER}: /etc/swift/object.ring.gz
|
||||
chmod 0640 /etc/swift/object.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
|
||||
chown ${OWNER}: /etc/swift/container.ring.gz
|
||||
chmod 0640 /etc/swift/container.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift-object-server/object-server.conf" ]]; then
|
||||
cp /opt/kolla/swift-object-server/object-server.conf /etc/swift/object-server.conf
|
||||
chown ${OWNER}: /etc/swift/object-server.conf
|
||||
chmod 0640 /etc/swift/object-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -1,10 +1,33 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift-proxy-server/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
|
||||
chown ${OWNER}: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/object.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/object.ring.gz /etc/swift/object.ring.gz
|
||||
chown ${OWNER}: /etc/swift/object.ring.gz
|
||||
chmod 0640 /etc/swift/object.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
|
||||
chown ${OWNER}: /etc/swift/container.ring.gz
|
||||
chmod 0640 /etc/swift/container.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/account.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/account.ring.gz /etc/swift/account.ring.gz
|
||||
chown ${OWNER}: /etc/swift/account.ring.gz
|
||||
chmod 0640 /etc/swift/account.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift-proxy-server/proxy-server.conf" ]]; then
|
||||
cp /opt/kolla/swift-proxy-server/proxy-server.conf /etc/swift/proxy-server.conf
|
||||
chown ${OWNER}: /etc/swift/proxy-server.conf
|
||||
chmod 0640 /etc/swift/proxy-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/proxy-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
130
docs/swift-readme.rst
Normal file
130
docs/swift-readme.rst
Normal file
@ -0,0 +1,130 @@
|
||||
Swift in Kolla
|
||||
==============
|
||||
|
||||
Overview
|
||||
--------
|
||||
Currently Kolla can deploy the "core" services required for a working Swift, in either an AIO or
|
||||
multi node setup:
|
||||
|
||||
- swift-proxy
|
||||
- swift-account
|
||||
- swift-container
|
||||
- swift-object
|
||||
|
||||
There are a variety of other services such the replicator, expirer, rsyncd, etc. which actually make
|
||||
Swift useful, which are in progress and hope to be finished in liberty-rc1.
|
||||
|
||||
Prerequisites
|
||||
-------------
|
||||
Before running Swift we need to generate "rings", which are binary compressed files that at a high
|
||||
level let the various Swift services know where data is in the cluster. Again, we hope to be able to
|
||||
generate these automatically for liberty-rc1.
|
||||
|
||||
Swift also expects block devices to be available and partitioned on the host, which Swift uses in
|
||||
combination with the rings to store data. Swift demos commonly just use directories created under
|
||||
/srv/node to simulate these devices. In order to ease "out of the box" testing of Kolla, we offer a
|
||||
similar setup with a data container. *Note*, data containers are very inefficient for this purpose.
|
||||
In production setups operators will want to provision disks according to the Swift operator guide,
|
||||
which can then be added the rings and used in Kolla.
|
||||
|
||||
For an AIO setup, the following commands can be used, locally, to generate rings containing the data
|
||||
container directories:
|
||||
|
||||
::
|
||||
|
||||
export KOLLA_INTERNAL_ADDRESS=1.2.3.4
|
||||
|
||||
# Object ring
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base \
|
||||
swift-ring-builder /etc/kolla/config/swift/object.builder create 10 3 1
|
||||
|
||||
for partition in sdb1 sdb2 sdb3; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/object.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6000/${partition} 1
|
||||
done
|
||||
|
||||
# Account ring
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base \
|
||||
swift-ring-builder /etc/kolla/config/swift/account.builder create 10 3 1
|
||||
|
||||
for partition in sdb1 sdb2 sdb3; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/account.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6001/${partition} 1
|
||||
done
|
||||
|
||||
# Container ring
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base \
|
||||
swift-ring-builder /etc/kolla/config/swift/container.builder create 10 3 1
|
||||
|
||||
for partition in sdb1 sdb2 sdb3; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/container.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6002/${partition} 1
|
||||
done
|
||||
|
||||
for ring in object account container; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/${ring}.builder rebalance
|
||||
done
|
||||
|
||||
Similar commands can be used for multinode, you will just need to run the the 'add' step for each IP
|
||||
in the cluster.
|
||||
|
||||
For more info, see
|
||||
http://docs.openstack.org/kilo/install-guide/install/apt/content/swift-initial-rings.html
|
||||
|
||||
Deploying
|
||||
---------
|
||||
Once the rings are in place, deploying Swift is the same as any other Kolla Ansible service. Below
|
||||
is the minimal command to bring up Swift AIO, and it's dependencies:
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook \
|
||||
-i ansible/inventory/all-in-one \
|
||||
-e @/etc/kolla/globals.yml \
|
||||
-e @etc/kolla/passwords.yml \
|
||||
ansible/site.yml \
|
||||
--tags=rabbitmq,mariadb,keystone,swift
|
||||
|
||||
Validation
|
||||
----------
|
||||
A very basic smoke test:
|
||||
|
||||
::
|
||||
|
||||
$ swift stat
|
||||
Account: AUTH_4c19d363b9cf432a80e34f06b1fa5749
|
||||
Containers: 1
|
||||
Objects: 0
|
||||
Bytes: 0
|
||||
Containers in policy "policy-0": 1
|
||||
Objects in policy "policy-0": 0
|
||||
Bytes in policy "policy-0": 0
|
||||
X-Account-Project-Domain-Id: default
|
||||
X-Timestamp: 1440168098.28319
|
||||
X-Trans-Id: txf5a62b7d7fc541f087703-0055d73be7
|
||||
Content-Type: text/plain; charset=utf-8
|
||||
Accept-Ranges: bytes
|
||||
|
||||
$ swift upload mycontainer README.rst
|
||||
README.md
|
||||
|
||||
$ swift list
|
||||
mycontainer
|
||||
|
||||
$ swift download mycontainer README.md
|
||||
README.md [auth 0.248s, headers 0.939s, total 0.939s, 0.006 MB/s]
|
0
etc/kolla/config/swift.conf
Normal file
0
etc/kolla/config/swift.conf
Normal file
0
etc/kolla/config/swift/account-server.conf
Normal file
0
etc/kolla/config/swift/account-server.conf
Normal file
0
etc/kolla/config/swift/container-server.conf
Normal file
0
etc/kolla/config/swift/container-server.conf
Normal file
0
etc/kolla/config/swift/object-server.conf
Normal file
0
etc/kolla/config/swift/object-server.conf
Normal file
0
etc/kolla/config/swift/proxy-server.conf
Normal file
0
etc/kolla/config/swift/proxy-server.conf
Normal file
0
etc/kolla/config/swift/swift.conf
Normal file
0
etc/kolla/config/swift/swift.conf
Normal file
@ -36,6 +36,10 @@ metadata_secret: "password"
|
||||
cinder_database_password: "password"
|
||||
cinder_keystone_password: "password"
|
||||
|
||||
swift_keystone_password: "password"
|
||||
swift_hash_path_suffix: "kolla"
|
||||
swift_hash_path_prefix: "kolla"
|
||||
|
||||
####################
|
||||
# RabbitMQ options
|
||||
####################
|
||||
|
Loading…
Reference in New Issue
Block a user