Merge "Implement Ansible role for Swift"
This commit is contained in:
commit
f2e09fd807
@ -91,6 +91,10 @@ cinder_api_port: "8776"
|
||||
|
||||
memcached_port: "11211"
|
||||
|
||||
swift_proxy_server_port: "8080"
|
||||
swift_object_server_port: "6000"
|
||||
swift_account_server_port: "6001"
|
||||
swift_container_server_port: "6002"
|
||||
|
||||
####################
|
||||
# Openstack options
|
||||
@ -130,6 +134,7 @@ enable_rabbitmq: "yes"
|
||||
# Additional optional OpenStack services are specified here
|
||||
enable_cinder: "no"
|
||||
enable_horizon: "yes"
|
||||
enable_swift: "no"
|
||||
|
||||
####################
|
||||
# RabbitMQ options
|
||||
|
@ -45,6 +45,9 @@ control
|
||||
[horizon:children]
|
||||
control
|
||||
|
||||
[swift:children]
|
||||
control
|
||||
|
||||
|
||||
# Additional control implemented here. These groups allow you to control which
|
||||
# services run on which hosts at a per-service level.
|
||||
@ -95,3 +98,16 @@ cinder
|
||||
|
||||
[cinder-volume:children]
|
||||
storage
|
||||
|
||||
# Swift
|
||||
[swift-proxy-server:children]
|
||||
swift
|
||||
|
||||
[swift-account-server:children]
|
||||
storage
|
||||
|
||||
[swift-container-server:children]
|
||||
storage
|
||||
|
||||
[swift-object-server:children]
|
||||
storage
|
||||
|
@ -51,6 +51,9 @@ control
|
||||
[horizon:children]
|
||||
control
|
||||
|
||||
[swift:children]
|
||||
control
|
||||
|
||||
|
||||
# Additional control implemented here. These groups allow you to control which
|
||||
# services run on which hosts at a per-service level.
|
||||
@ -101,3 +104,16 @@ cinder
|
||||
|
||||
[cinder-volume:children]
|
||||
storage
|
||||
|
||||
# Swift
|
||||
[swift-proxy-server:children]
|
||||
storage
|
||||
|
||||
[swift-account-server:children]
|
||||
storage
|
||||
|
||||
[swift-container-server:children]
|
||||
storage
|
||||
|
||||
[swift-object-server:children]
|
||||
storage
|
||||
|
58
ansible/roles/swift/defaults/main.yml
Normal file
58
ansible/roles/swift/defaults/main.yml
Normal file
@ -0,0 +1,58 @@
|
||||
---
|
||||
project_name: "swift"
|
||||
|
||||
####################
|
||||
# Docker
|
||||
####################
|
||||
swift_proxy_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-proxy-server"
|
||||
swift_proxy_server_tag: "{{ openstack_release }}"
|
||||
swift_proxy_server_image_full: "{{ swift_proxy_server_image }}:{{ swift_proxy_server_tag }}"
|
||||
|
||||
swift_data_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-data"
|
||||
swift_data_tag: "{{ openstack_release }}"
|
||||
swift_data_image_full: "{{ swift_data_image }}:{{ swift_data_tag }}"
|
||||
|
||||
swift_account_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-account-server"
|
||||
swift_account_server_tag: "{{ openstack_release }}"
|
||||
swift_account_server_image_full: "{{ swift_account_server_image }}:{{ swift_account_server_tag }}"
|
||||
|
||||
swift_container_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-container-server"
|
||||
swift_container_server_tag: "{{ openstack_release }}"
|
||||
swift_container_server_image_full: "{{ swift_container_server_image }}:{{ swift_container_server_tag }}"
|
||||
|
||||
swift_object_auditor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-auditor"
|
||||
swift_object_auditor_tag: "{{ openstack_release }}"
|
||||
swift_object_auditor_image_full: "{{ swift_object_auditor_image }}:{{ swift_object_auditor_tag }}"
|
||||
|
||||
swift_object_expirer_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-expirer"
|
||||
swift_object_expirer_tag: "{{ openstack_release }}"
|
||||
swift_object_expirer_image_full: "{{ swift_object_expirer_image }}:{{ swift_object_expirer_tag }}"
|
||||
|
||||
swift_object_replicator_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-replicator"
|
||||
swift_object_replicator_tag: "{{ openstack_release }}"
|
||||
swift_object_replicator_image_full: "{{ swift_object_replicator_image }}:{{ swift_object_replicator_tag }}"
|
||||
|
||||
swift_object_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-server"
|
||||
swift_object_server_tag: "{{ openstack_release }}"
|
||||
swift_object_server_image_full: "{{ swift_object_server_image }}:{{ swift_object_server_tag }}"
|
||||
|
||||
swift_object_updater_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-updater"
|
||||
swift_object_updater_tag: "{{ openstack_release }}"
|
||||
swift_object_updater_image_full: "{{ swift_object_updater_image }}:{{ swift_object_updater_tag }}"
|
||||
|
||||
####################
|
||||
# Openstack
|
||||
####################
|
||||
swift_public_address: "{{ kolla_external_address }}"
|
||||
swift_admin_address: "{{ kolla_internal_address }}"
|
||||
swift_internal_address: "{{ kolla_internal_address }}"
|
||||
|
||||
swift_logging_verbose: "{{ openstack_logging_verbose }}"
|
||||
swift_logging_debug: "{{ openstack_logging_debug }}"
|
||||
|
||||
swift_keystone_user: "swift"
|
||||
swift_admin_tenant_name: "admin"
|
||||
|
||||
swift_devices_mount_point: "/srv/node"
|
||||
|
||||
openstack_swift_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
|
4
ansible/roles/swift/meta/main.yml
Normal file
4
ansible/roles/swift/meta/main.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
dependencies:
|
||||
- { role: common }
|
||||
- { role: memcached }
|
19
ansible/roles/swift/tasks/bootstrap.yml
Normal file
19
ansible/roles/swift/tasks/bootstrap.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
- name: Starting Swift data container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_data
|
||||
image: "{{ swift_data_image_full }}"
|
||||
volumes:
|
||||
- "/srv/node/sdb1"
|
||||
- "/srv/node/sdb2"
|
||||
- "/srv/node/sdb3"
|
84
ansible/roles/swift/tasks/config.yml
Normal file
84
ansible/roles/swift/tasks/config.yml
Normal file
@ -0,0 +1,84 @@
|
||||
---
|
||||
# TODO(pbourke): There needs to be one swift.conf generated per service for updates to work
|
||||
# correctly. Figure out a way (with_items seems to not be allowed when using include)
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift"
|
||||
config_source:
|
||||
- "roles/swift/templates/swift.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/swift.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/swift.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/swift.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/swift.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/swift.conf"
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-proxy-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/proxy-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/proxy-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/proxy-server.conf"
|
||||
when: inventory_hostname in groups['swift-proxy-server']
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-account-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/account-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/account-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/account-server.conf"
|
||||
when: inventory_hostname in groups['swift-account-server']
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-container-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/container-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/container-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/container-server.conf"
|
||||
when: inventory_hostname in groups['swift-container-server']
|
||||
|
||||
- include: ../../config.yml
|
||||
vars:
|
||||
service_name: "swift-object-server"
|
||||
config_source:
|
||||
- "roles/swift/templates/object-server.conf.j2"
|
||||
- "/etc/kolla/config/global.conf"
|
||||
- "/etc/kolla/config/swift/object-server.conf"
|
||||
config_template_dest:
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_minimal"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_global"
|
||||
- "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_augment"
|
||||
config_dest: "{{ node_config_directory }}/{{ service_name }}/object-server.conf"
|
||||
when: inventory_hostname in groups['swift-object-server']
|
||||
|
||||
- name: Copying over Swift ring files
|
||||
copy:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
backup: yes
|
||||
with_items:
|
||||
- { src: "/etc/kolla/config/swift/object.ring.gz",
|
||||
dest: "{{ node_config_directory }}/swift/object.ring.gz" }
|
||||
- { src: "/etc/kolla/config/swift/container.ring.gz",
|
||||
dest: "{{ node_config_directory }}/swift/container.ring.gz" }
|
||||
- { src: "/etc/kolla/config/swift/account.ring.gz",
|
||||
dest: "{{ node_config_directory }}/swift/account.ring.gz" }
|
8
ansible/roles/swift/tasks/main.yml
Normal file
8
ansible/roles/swift/tasks/main.yml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
- include: register.yml
|
||||
|
||||
- include: config.yml
|
||||
|
||||
- include: bootstrap.yml
|
||||
|
||||
- include: start.yml
|
37
ansible/roles/swift/tasks/register.yml
Normal file
37
ansible/roles/swift/tasks/register.yml
Normal file
@ -0,0 +1,37 @@
|
||||
---
|
||||
- name: Creating the Swift service and endpoint
|
||||
command: docker exec -t kolla_ansible /usr/bin/ansible localhost
|
||||
-m kolla_keystone_service
|
||||
-a "service_name=swift
|
||||
service_type=object-store
|
||||
description='Openstack Object Storage'
|
||||
endpoint_region={{ openstack_region_name }}
|
||||
admin_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}'
|
||||
internal_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
|
||||
public_url='http://{{ kolla_external_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_swift_auth }}' }}"
|
||||
-e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
|
||||
register: swift_endpoint
|
||||
changed_when: "{{ swift_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (swift_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
|
||||
until: swift_endpoint.stdout.split()[2] == 'SUCCESS'
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
||||
|
||||
- name: Creating the Swift project, user, and role
|
||||
command: docker exec -t kolla_ansible /usr/bin/ansible localhost
|
||||
-m kolla_keystone_user
|
||||
-a "project=service
|
||||
user={{ swift_keystone_user }}
|
||||
password={{ swift_keystone_password }}
|
||||
role={{ swift_admin_tenant_name }}
|
||||
region_name={{ openstack_region_name }}
|
||||
auth={{ '{{ openstack_swift_auth }}' }}"
|
||||
-e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
|
||||
register: swift_user
|
||||
changed_when: "{{ swift_user.stdout.find('localhost | SUCCESS => ') != -1 and (swift_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
|
||||
until: swift_user.stdout.split()[2] == 'SUCCESS'
|
||||
retries: 10
|
||||
delay: 5
|
||||
run_once: True
|
92
ansible/roles/swift/tasks/start.yml
Normal file
92
ansible/roles/swift/tasks/start.yml
Normal file
@ -0,0 +1,92 @@
|
||||
---
|
||||
- name: Starting Swift Proxy Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_proxy_server
|
||||
image: "{{ swift_proxy_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-proxy-server/:/opt/kolla/swift-proxy-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-proxy-server']
|
||||
|
||||
- name: Starting Swift Account Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_account_server
|
||||
image: "{{ swift_account_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-account-server/:/opt/kolla/swift-account-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-account-server']
|
||||
|
||||
- name: Starting Swift Container Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_container_server
|
||||
image: "{{ swift_container_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-container-server/:/opt/kolla/swift-container-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-container-server']
|
||||
|
||||
- name: Starting Swift Object Server container
|
||||
docker:
|
||||
docker_api_version: "{{ docker_api_version }}"
|
||||
net: host
|
||||
pull: "{{ docker_pull_policy }}"
|
||||
restart_policy: "{{ docker_restart_policy }}"
|
||||
restart_policy_retry: "{{ docker_restart_policy_retry }}"
|
||||
state: reloaded
|
||||
registry: "{{ docker_registry }}"
|
||||
username: "{{ docker_registry_username }}"
|
||||
password: "{{ docker_registry_password }}"
|
||||
insecure_registry: "{{ docker_insecure_registry }}"
|
||||
name: swift_object_server
|
||||
image: "{{ swift_object_server_image_full }}"
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
|
||||
- "{{ node_config_directory }}/swift-object-server/:/opt/kolla/swift-object-server/:ro"
|
||||
volumes_from:
|
||||
- swift_data
|
||||
env:
|
||||
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
||||
when: inventory_hostname in groups['swift-object-server']
|
11
ansible/roles/swift/templates/account-server.conf.j2
Normal file
11
ansible/roles/swift/templates/account-server.conf.j2
Normal file
@ -0,0 +1,11 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_account_server_port }}
|
||||
devices = {{ swift_devices_mount_point }}
|
||||
mount_check = false
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = account-server
|
||||
|
||||
[app:account-server]
|
||||
use = egg:swift#account
|
11
ansible/roles/swift/templates/container-server.conf.j2
Normal file
11
ansible/roles/swift/templates/container-server.conf.j2
Normal file
@ -0,0 +1,11 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_container_server_port }}
|
||||
devices = {{ swift_devices_mount_point }}
|
||||
mount_check = false
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = container-server
|
||||
|
||||
[app:container-server]
|
||||
use = egg:swift#container
|
11
ansible/roles/swift/templates/object-server.conf.j2
Normal file
11
ansible/roles/swift/templates/object-server.conf.j2
Normal file
@ -0,0 +1,11 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_object_server_port }}
|
||||
devices = {{ swift_devices_mount_point }}
|
||||
mount_check = false
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = object-server
|
||||
|
||||
[app:object-server]
|
||||
use = egg:swift#object
|
57
ansible/roles/swift/templates/proxy-server.conf.j2
Normal file
57
ansible/roles/swift/templates/proxy-server.conf.j2
Normal file
@ -0,0 +1,57 @@
|
||||
[DEFAULT]
|
||||
bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
||||
bind_port = {{ swift_proxy_server_port }}
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk ratelimit authtoken keystoneauth slo dlo proxy-server
|
||||
|
||||
[app:proxy-server]
|
||||
use = egg:swift#proxy
|
||||
allow_account_management = true
|
||||
account_autocreate = true
|
||||
|
||||
[filter:cache]
|
||||
use = egg:swift#memcache
|
||||
memcache_servers = {% for host in groups['swift-proxy-server'] %}{{ hostvars[host]['ansible_' + api_interface]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||
|
||||
[filter:catch_errors]
|
||||
use = egg:swift#catch_errors
|
||||
|
||||
[filter:healthcheck]
|
||||
use = egg:swift#healthcheck
|
||||
|
||||
[filter:proxy-logging]
|
||||
use = egg:swift#proxy_logging
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
|
||||
auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
|
||||
auth_plugin = password
|
||||
project_domain_id = default
|
||||
user_domain_id = default
|
||||
project_name = service
|
||||
username = {{ swift_keystone_user }}
|
||||
password = {{ swift_keystone_password }}
|
||||
|
||||
[filter:keystoneauth]
|
||||
use = egg:swift#keystoneauth
|
||||
operator_roles = admin,user
|
||||
|
||||
[filter:container_sync]
|
||||
use = egg:swift#container_sync
|
||||
|
||||
[filter:bulk]
|
||||
use = egg:swift#bulk
|
||||
|
||||
[filter:ratelimit]
|
||||
use = egg:swift#ratelimit
|
||||
|
||||
[filter:gatekeeper]
|
||||
use = egg:swift#gatekeeper
|
||||
|
||||
[filter:slo]
|
||||
use = egg:swift#slo
|
||||
|
||||
[filter:dlo]
|
||||
use = egg:swift#dlo
|
3
ansible/roles/swift/templates/swift.conf.j2
Normal file
3
ansible/roles/swift/templates/swift.conf.j2
Normal file
@ -0,0 +1,3 @@
|
||||
[swift-hash]
|
||||
swift_hash_path_suffix = {{ swift_hash_path_suffix }}
|
||||
swift_hash_path_prefix = {{ swift_hash_path_prefix }}
|
@ -15,6 +15,10 @@
|
||||
roles:
|
||||
- { role: keystone, tags: keystone, when: enable_keystone | bool }
|
||||
|
||||
- hosts: [swift-proxy-server, swift-account-server, swift-object-server, swift-container-server ]
|
||||
roles:
|
||||
- { role: swift, tags: swift, when: enable_swift | bool }
|
||||
|
||||
- hosts: [glance-api, glance-registry]
|
||||
roles:
|
||||
- { role: glance, tags: glance, when: enable_glance | bool }
|
||||
|
@ -1,18 +1,19 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
SOURCE_ACCOUNT_SERVER="/opt/kolla/swift/account-server.conf"
|
||||
TARGET_ACCOUNT_SERVER="/etc/swift/account-server.conf"
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f /opt/kolla/swift/swift.conf ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/
|
||||
chown swift: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "$SOURCE_ACCOUNT_SERVER" ]]; then
|
||||
cp $SOURCE_ACCOUNT_SERVER $TARGET_ACCOUNT_SERVER
|
||||
chown ${OWNER}: $TARGET_ACCOUNT_SERVER
|
||||
chmod 0640 $TARGET_ACCOUNT_SERVER
|
||||
if [[ -f "/opt/kolla/swift/account.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/account.ring.gz /etc/swift/account.ring.gz
|
||||
chown swift: /etc/swift/account.ring.gz
|
||||
chmod 0640 /etc/swift/account.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f /opt/kolla/swift-account-server/account-server.conf ]]; then
|
||||
cp /opt/kolla/swift-account-server/account-server.conf /etc/swift/
|
||||
chown swift: /etc/swift/account-server.conf
|
||||
chmod 0640 /etc/swift/account-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/account-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -1,9 +1,3 @@
|
||||
#!/bin/bash
|
||||
|
||||
. /opt/kolla/kolla-common.sh
|
||||
|
||||
check_required_vars SWIFT_HASH_PATH_SUFFIX
|
||||
|
||||
cfg=/etc/swift/swift.conf
|
||||
|
||||
crudini --set $cfg swift-hash swift_hash_path_suffix "${SWIFT_HASH_PATH_SUFFIX}"
|
||||
chown -R swift: /srv/node
|
||||
|
@ -1,18 +1,21 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
SOURCE_CONTAINER_SERVER="/opt/kolla/swift/container-server.conf"
|
||||
TARGET_CONTAINER_SERVER="/etc/swift/container-server.conf"
|
||||
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
|
||||
chown ${OWNER}: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "$SOURCE_CONTAINER_SERVER" ]]; then
|
||||
cp $SOURCE_CONTAINER_SERVER $TARGET_CONTAINER_SERVER
|
||||
chown ${OWNER}: $TARGET_CONTAINER_SERVER
|
||||
chmod 0640 $TARGET_CONTAINER_SERVER
|
||||
if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
|
||||
chown ${OWNER}: /etc/swift/container.ring.gz
|
||||
chmod 0640 /etc/swift/container.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift-container-server/container-server.conf" ]]; then
|
||||
cp /opt/kolla/swift-container-server/container-server.conf /etc/swift/container-server.conf
|
||||
chown ${OWNER}: /etc/swift/container-server.conf
|
||||
chmod 0640 /etc/swift/container-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/container-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -1,18 +1,27 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
SOURCE_OBJECT_SERVER="/opt/kolla/swift/object-server.conf"
|
||||
TARGET_OBJECT_SERVER="/etc/swift/object-server.conf"
|
||||
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
|
||||
chown ${OWNER}: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "$SOURCE_OBJECT_SERVER" ]]; then
|
||||
cp $SOURCE_OBJECT_SERVER $TARGET_OBJECT_SERVER
|
||||
chown ${OWNER}: $TARGET_OBJECT_SERVER
|
||||
chmod 0640 $TARGET_OBJECT_SERVER
|
||||
if [[ -f "/opt/kolla/swift/object.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/object.ring.gz /etc/swift/object.ring.gz
|
||||
chown ${OWNER}: /etc/swift/object.ring.gz
|
||||
chmod 0640 /etc/swift/object.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
|
||||
chown ${OWNER}: /etc/swift/container.ring.gz
|
||||
chmod 0640 /etc/swift/container.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift-object-server/object-server.conf" ]]; then
|
||||
cp /opt/kolla/swift-object-server/object-server.conf /etc/swift/object-server.conf
|
||||
chown ${OWNER}: /etc/swift/object-server.conf
|
||||
chmod 0640 /etc/swift/object-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
@ -1,10 +1,33 @@
|
||||
#!/bin/bash
|
||||
SOURCE="/opt/kolla/swift-proxy-server/swift.conf"
|
||||
TARGET="/etc/swift/swift.conf"
|
||||
|
||||
OWNER="swift"
|
||||
|
||||
if [[ -f "$SOURCE" ]]; then
|
||||
cp $SOURCE $TARGET
|
||||
chown ${OWNER}: $TARGET
|
||||
chmod 0640 $TARGET
|
||||
if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
|
||||
cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
|
||||
chown ${OWNER}: /etc/swift/swift.conf
|
||||
chmod 0640 /etc/swift/swift.conf
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/object.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/object.ring.gz /etc/swift/object.ring.gz
|
||||
chown ${OWNER}: /etc/swift/object.ring.gz
|
||||
chmod 0640 /etc/swift/object.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
|
||||
chown ${OWNER}: /etc/swift/container.ring.gz
|
||||
chmod 0640 /etc/swift/container.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift/account.ring.gz" ]]; then
|
||||
cp /opt/kolla/swift/account.ring.gz /etc/swift/account.ring.gz
|
||||
chown ${OWNER}: /etc/swift/account.ring.gz
|
||||
chmod 0640 /etc/swift/account.ring.gz
|
||||
fi
|
||||
|
||||
if [[ -f "/opt/kolla/swift-proxy-server/proxy-server.conf" ]]; then
|
||||
cp /opt/kolla/swift-proxy-server/proxy-server.conf /etc/swift/proxy-server.conf
|
||||
chown ${OWNER}: /etc/swift/proxy-server.conf
|
||||
chmod 0640 /etc/swift/proxy-server.conf
|
||||
fi
|
||||
|
@ -8,6 +8,8 @@ ARGS="/etc/swift/proxy-server.conf --verbose"
|
||||
# Loading common functions.
|
||||
source /opt/kolla/kolla-common.sh
|
||||
|
||||
source /opt/kolla/config-swift.sh
|
||||
|
||||
# Execute config strategy
|
||||
set_configs
|
||||
|
||||
|
130
docs/swift-readme.rst
Normal file
130
docs/swift-readme.rst
Normal file
@ -0,0 +1,130 @@
|
||||
Swift in Kolla
|
||||
==============
|
||||
|
||||
Overview
|
||||
--------
|
||||
Currently Kolla can deploy the "core" services required for a working Swift, in either an AIO or
|
||||
multi node setup:
|
||||
|
||||
- swift-proxy
|
||||
- swift-account
|
||||
- swift-container
|
||||
- swift-object
|
||||
|
||||
There are a variety of other services such the replicator, expirer, rsyncd, etc. which actually make
|
||||
Swift useful, which are in progress and hope to be finished in liberty-rc1.
|
||||
|
||||
Prerequisites
|
||||
-------------
|
||||
Before running Swift we need to generate "rings", which are binary compressed files that at a high
|
||||
level let the various Swift services know where data is in the cluster. Again, we hope to be able to
|
||||
generate these automatically for liberty-rc1.
|
||||
|
||||
Swift also expects block devices to be available and partitioned on the host, which Swift uses in
|
||||
combination with the rings to store data. Swift demos commonly just use directories created under
|
||||
/srv/node to simulate these devices. In order to ease "out of the box" testing of Kolla, we offer a
|
||||
similar setup with a data container. *Note*, data containers are very inefficient for this purpose.
|
||||
In production setups operators will want to provision disks according to the Swift operator guide,
|
||||
which can then be added the rings and used in Kolla.
|
||||
|
||||
For an AIO setup, the following commands can be used, locally, to generate rings containing the data
|
||||
container directories:
|
||||
|
||||
::
|
||||
|
||||
export KOLLA_INTERNAL_ADDRESS=1.2.3.4
|
||||
|
||||
# Object ring
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base \
|
||||
swift-ring-builder /etc/kolla/config/swift/object.builder create 10 3 1
|
||||
|
||||
for partition in sdb1 sdb2 sdb3; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/object.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6000/${partition} 1
|
||||
done
|
||||
|
||||
# Account ring
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base \
|
||||
swift-ring-builder /etc/kolla/config/swift/account.builder create 10 3 1
|
||||
|
||||
for partition in sdb1 sdb2 sdb3; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/account.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6001/${partition} 1
|
||||
done
|
||||
|
||||
# Container ring
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base \
|
||||
swift-ring-builder /etc/kolla/config/swift/container.builder create 10 3 1
|
||||
|
||||
for partition in sdb1 sdb2 sdb3; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/container.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6002/${partition} 1
|
||||
done
|
||||
|
||||
for ring in object account container; do
|
||||
docker run \
|
||||
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
|
||||
kollaglue/centos-binary-swift-base swift-ring-builder \
|
||||
/etc/kolla/config/swift/${ring}.builder rebalance
|
||||
done
|
||||
|
||||
Similar commands can be used for multinode, you will just need to run the the 'add' step for each IP
|
||||
in the cluster.
|
||||
|
||||
For more info, see
|
||||
http://docs.openstack.org/kilo/install-guide/install/apt/content/swift-initial-rings.html
|
||||
|
||||
Deploying
|
||||
---------
|
||||
Once the rings are in place, deploying Swift is the same as any other Kolla Ansible service. Below
|
||||
is the minimal command to bring up Swift AIO, and it's dependencies:
|
||||
|
||||
::
|
||||
|
||||
ansible-playbook \
|
||||
-i ansible/inventory/all-in-one \
|
||||
-e @/etc/kolla/globals.yml \
|
||||
-e @etc/kolla/passwords.yml \
|
||||
ansible/site.yml \
|
||||
--tags=rabbitmq,mariadb,keystone,swift
|
||||
|
||||
Validation
|
||||
----------
|
||||
A very basic smoke test:
|
||||
|
||||
::
|
||||
|
||||
$ swift stat
|
||||
Account: AUTH_4c19d363b9cf432a80e34f06b1fa5749
|
||||
Containers: 1
|
||||
Objects: 0
|
||||
Bytes: 0
|
||||
Containers in policy "policy-0": 1
|
||||
Objects in policy "policy-0": 0
|
||||
Bytes in policy "policy-0": 0
|
||||
X-Account-Project-Domain-Id: default
|
||||
X-Timestamp: 1440168098.28319
|
||||
X-Trans-Id: txf5a62b7d7fc541f087703-0055d73be7
|
||||
Content-Type: text/plain; charset=utf-8
|
||||
Accept-Ranges: bytes
|
||||
|
||||
$ swift upload mycontainer README.rst
|
||||
README.md
|
||||
|
||||
$ swift list
|
||||
mycontainer
|
||||
|
||||
$ swift download mycontainer README.md
|
||||
README.md [auth 0.248s, headers 0.939s, total 0.939s, 0.006 MB/s]
|
0
etc/kolla/config/swift.conf
Normal file
0
etc/kolla/config/swift.conf
Normal file
0
etc/kolla/config/swift/account-server.conf
Normal file
0
etc/kolla/config/swift/account-server.conf
Normal file
0
etc/kolla/config/swift/container-server.conf
Normal file
0
etc/kolla/config/swift/container-server.conf
Normal file
0
etc/kolla/config/swift/object-server.conf
Normal file
0
etc/kolla/config/swift/object-server.conf
Normal file
0
etc/kolla/config/swift/proxy-server.conf
Normal file
0
etc/kolla/config/swift/proxy-server.conf
Normal file
0
etc/kolla/config/swift/swift.conf
Normal file
0
etc/kolla/config/swift/swift.conf
Normal file
@ -36,6 +36,10 @@ metadata_secret: "password"
|
||||
cinder_database_password: "password"
|
||||
cinder_keystone_password: "password"
|
||||
|
||||
swift_keystone_password: "password"
|
||||
swift_hash_path_suffix: "kolla"
|
||||
swift_hash_path_prefix: "kolla"
|
||||
|
||||
####################
|
||||
# RabbitMQ options
|
||||
####################
|
||||
|
Loading…
x
Reference in New Issue
Block a user