Configure radosgw and ceph-rgw as optional services
radosgw is a now an optional platform service which is provisioned via a system service parameter. To align with this optionality, the ceph-rgw chart which is used to enable the containerized swift endpoints also becomes optional. Changes include: - Update the stx-openstack application disabled_charts setting in the application metadata.yaml to include the ceph-rgw chart. This sets the initial chart state to disabled. - Optimize ceph.pp puppet manifests to provide two runtime classes: one for setting up the platform radosgw configuration which will set the haproxy configuration and the other for updating the keystone information in the ceph configuration based on if the ceph-rgw chart is enabled. - Update the sm.pp manifest to dynamically provision/deprovision the radosgw based on if it's enabled in the service parameters - Rename the SWIFT service parameters to RADOSGW as this is the platform service being enabled. - Restructure ceph.py/ceph.pp to generate and use hieradata such that _revert_cephrgw_config() and _update_cephrgw_config() can be combined into a single function for runtime updates. Change-Id: Id8d5c6b1159881d44810fc3622990456f1e54e75 Depends-On: If284f622ceac48c4ffd74e7022fdd390971d0fd8 Partial-Bug: #1833738 Signed-off-by: Robert Church <robert.church@windriver.com>
This commit is contained in:
parent
3cd4032f55
commit
338ed34ea3
|
@ -2,6 +2,7 @@ disabled_charts:
|
|||
- aodh
|
||||
- barbican
|
||||
- ceilometer
|
||||
- ceph-rgw
|
||||
- gnocchi
|
||||
- ironic
|
||||
- panko
|
||||
|
|
|
@ -22,6 +22,7 @@ class platform::ceph::params(
|
|||
$mon_2_host = undef,
|
||||
$mon_2_ip = undef,
|
||||
$mon_2_addr = undef,
|
||||
$rgw_enabled = false,
|
||||
$rgw_client_name = 'radosgw.gateway',
|
||||
$rgw_user_name = 'root',
|
||||
$rgw_frontend_type = 'civetweb',
|
||||
|
@ -30,10 +31,6 @@ class platform::ceph::params(
|
|||
$rgw_service_domain = undef,
|
||||
$rgw_service_project = undef,
|
||||
$rgw_service_password = undef,
|
||||
$rgw_admin_domain = undef,
|
||||
$rgw_admin_project = undef,
|
||||
$rgw_admin_user = 'swift',
|
||||
$rgw_admin_password = undef,
|
||||
$rgw_max_put_size = '53687091200',
|
||||
$rgw_gc_max_objs = '977',
|
||||
$rgw_gc_obj_min_wait = '600',
|
||||
|
@ -411,7 +408,7 @@ class platform::ceph::osds(
|
|||
class platform::ceph::haproxy
|
||||
inherits ::platform::ceph::params {
|
||||
|
||||
if $service_enabled {
|
||||
if $rgw_enabled {
|
||||
platform::haproxy::proxy { 'ceph-radosgw-restapi':
|
||||
server_name => 's-ceph-radosgw',
|
||||
public_port => $rgw_port,
|
||||
|
@ -420,60 +417,48 @@ class platform::ceph::haproxy
|
|||
}
|
||||
}
|
||||
|
||||
class platform::ceph::rgw::runtime
|
||||
inherits ::platform::ceph::params {
|
||||
if $service_enabled {
|
||||
include ::platform::params
|
||||
class platform::ceph::rgw::keystone (
|
||||
$swift_endpts_enabled = false,
|
||||
$rgw_admin_domain = undef,
|
||||
$rgw_admin_project = undef,
|
||||
$rgw_admin_user = 'swift',
|
||||
$rgw_admin_password = undef,
|
||||
) inherits ::platform::ceph::params {
|
||||
include ::openstack::keystone::params
|
||||
if $rgw_enabled {
|
||||
|
||||
include ::openstack::keystone::params
|
||||
|
||||
ceph::rgw::keystone { $rgw_client_name:
|
||||
rgw_keystone_admin_token => '',
|
||||
rgw_keystone_url => $::openstack::keystone::params::openstack_auth_uri,
|
||||
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
||||
rgw_keystone_accepted_roles => 'admin,_member_',
|
||||
user => $rgw_user_name,
|
||||
use_pki => false,
|
||||
rgw_keystone_admin_domain => $rgw_service_domain,
|
||||
rgw_keystone_admin_project => $rgw_service_project,
|
||||
rgw_keystone_admin_user => $rgw_admin_user,
|
||||
rgw_keystone_admin_password => $rgw_service_password,
|
||||
}
|
||||
exec { 'sm-restart-safe service ceph-radosgw':
|
||||
command => 'sm-restart-safe service ceph-radosgw'
|
||||
}
|
||||
if $swift_endpts_enabled {
|
||||
$url = $::openstack::keystone::params::openstack_auth_uri
|
||||
} else {
|
||||
$url = $::openstack::keystone::params::auth_uri
|
||||
}
|
||||
|
||||
ceph::rgw::keystone { $rgw_client_name:
|
||||
# keystone admin token is disabled after initial keystone configuration
|
||||
# for security reason. Use keystone service tenant credentials instead.
|
||||
rgw_keystone_admin_token => '',
|
||||
rgw_keystone_url => $url,
|
||||
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
||||
rgw_keystone_accepted_roles => 'admin,_member_',
|
||||
user => $rgw_user_name,
|
||||
use_pki => false,
|
||||
rgw_keystone_revocation_interval => 0,
|
||||
rgw_keystone_token_cache_size => 0,
|
||||
rgw_keystone_admin_domain => $rgw_admin_domain,
|
||||
rgw_keystone_admin_project => $rgw_admin_project,
|
||||
rgw_keystone_admin_user => $rgw_admin_user,
|
||||
rgw_keystone_admin_password => $rgw_admin_password,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
class platform::ceph::rgw::runtime_revert
|
||||
inherits ::platform::ceph::params {
|
||||
if $service_enabled {
|
||||
include ::platform::params
|
||||
|
||||
include ::openstack::keystone::params
|
||||
|
||||
ceph::rgw::keystone { $rgw_client_name:
|
||||
rgw_keystone_admin_token => '',
|
||||
rgw_keystone_url => $::openstack::keystone::params::auth_uri,
|
||||
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
||||
rgw_keystone_accepted_roles => 'admin,_member_',
|
||||
user => $rgw_user_name,
|
||||
use_pki => false,
|
||||
rgw_keystone_admin_domain => $rgw_admin_domain,
|
||||
rgw_keystone_admin_project => $rgw_admin_project,
|
||||
rgw_keystone_admin_user => $rgw_admin_user,
|
||||
rgw_keystone_admin_password => $rgw_admin_password,
|
||||
}
|
||||
exec { 'sm-restart-safe service ceph-radosgw':
|
||||
command => 'sm-restart-safe service ceph-radosgw'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
class platform::ceph::rgw
|
||||
inherits ::platform::ceph::params {
|
||||
include ::ceph::params
|
||||
include ::ceph::profile::params
|
||||
|
||||
if $service_enabled {
|
||||
if $rgw_enabled {
|
||||
include ::platform::params
|
||||
|
||||
include ::openstack::keystone::params
|
||||
|
@ -491,19 +476,7 @@ class platform::ceph::rgw
|
|||
log_file => $rgw_log_file,
|
||||
}
|
||||
|
||||
ceph::rgw::keystone { $rgw_client_name:
|
||||
# keystone admin token is disabled after initial keystone configuration
|
||||
# for security reason. Use keystone service tenant credentials instead.
|
||||
rgw_keystone_admin_token => '',
|
||||
rgw_keystone_url => $::openstack::keystone::params::auth_uri,
|
||||
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
||||
rgw_keystone_accepted_roles => 'admin,_member_',
|
||||
use_pki => false,
|
||||
rgw_keystone_admin_domain => $rgw_admin_domain,
|
||||
rgw_keystone_admin_project => $rgw_admin_project,
|
||||
rgw_keystone_admin_user => $rgw_admin_user,
|
||||
rgw_keystone_admin_password => $rgw_admin_password,
|
||||
}
|
||||
include ::platform::ceph::rgw::keystone
|
||||
|
||||
ceph_config {
|
||||
# increase limit for single operation uploading to 50G (50*1024*1024*1024)
|
||||
|
@ -599,3 +572,36 @@ class platform::ceph::runtime_osds {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Used to configure optional radosgw platform service
|
||||
class platform::ceph::rgw::runtime
|
||||
inherits ::platform::ceph::params {
|
||||
|
||||
include platform::ceph::rgw
|
||||
|
||||
# Make sure the ceph configuration is complete before sm dynamically
|
||||
# provisions/deprovisions the service
|
||||
Class[$name] -> Class['::platform::sm::rgw::runtime']
|
||||
|
||||
unless $rgw_enabled {
|
||||
# SM's current behavior will not stop the service being de-provisioned, so
|
||||
# stop it when needed
|
||||
exec { 'Stopping ceph-radosgw service':
|
||||
command => '/etc/init.d/ceph-radosgw stop'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Used to configure radosgw keystone info based on containerized swift endpoints
|
||||
# being enabled/disabled
|
||||
class platform::ceph::rgw::keystone::runtime
|
||||
inherits ::platform::ceph::params {
|
||||
|
||||
include ::platform::ceph::rgw::keystone
|
||||
|
||||
exec { 'sm-restart-safe service ceph-radosgw':
|
||||
command => 'sm-restart-safe service ceph-radosgw'
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -175,6 +175,7 @@ class platform::sm
|
|||
# Ceph-Rados-Gateway
|
||||
include ::platform::ceph::params
|
||||
$ceph_configured = $::platform::ceph::params::service_enabled
|
||||
$rgw_configured = $::platform::ceph::params::rgw_enabled
|
||||
|
||||
if $system_mode == 'simplex' {
|
||||
$hostunit = '0'
|
||||
|
@ -818,13 +819,20 @@ class platform::sm
|
|||
}
|
||||
|
||||
# Ceph-Rados-Gateway
|
||||
if $ceph_configured {
|
||||
if $rgw_configured {
|
||||
exec {'Provision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||
command => 'sm-provision service-group-member storage-monitoring-services ceph-radosgw'
|
||||
}
|
||||
-> exec { 'Provision Ceph-Rados-Gateway (service ceph-radosgw)':
|
||||
command => 'sm-provision service ceph-radosgw',
|
||||
}
|
||||
} else {
|
||||
exec {'Deprovision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||
command => 'sm-deprovision service-group-member storage-monitoring-services ceph-radosgw'
|
||||
}
|
||||
-> exec { 'Deprovision Ceph-Rados-Gateway (service ceph-radosgw)':
|
||||
command => 'sm-deprovision service ceph-radosgw',
|
||||
}
|
||||
}
|
||||
|
||||
if $ldapserver_remote {
|
||||
|
@ -989,3 +997,17 @@ class platform::sm::stx_openstack::runtime {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
class platform::sm::rgw::runtime {
|
||||
$rgw_configured = $::platform::ceph::params::rgw_enabled
|
||||
|
||||
if $rgw_configured {
|
||||
exec {'Provision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||
command => 'sm-provision service-group-member storage-monitoring-services ceph-radosgw --apply'
|
||||
}
|
||||
} else {
|
||||
exec {'Deprovision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||
command => 'sm-deprovision service-group-member storage-monitoring-services ceph-radosgw --apply'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -906,7 +906,7 @@ SERVICE_TYPE_HORIZON = "horizon"
|
|||
SERVICE_TYPE_CEPH = 'ceph'
|
||||
SERVICE_TYPE_CINDER = 'cinder'
|
||||
SERVICE_TYPE_PLATFORM = 'platform'
|
||||
SERVICE_TYPE_SWIFT = 'swift'
|
||||
SERVICE_TYPE_RADOSGW = 'radosgw'
|
||||
SERVICE_TYPE_GLANCE = 'glance'
|
||||
SERVICE_TYPE_BARBICAN = 'barbican'
|
||||
SERVICE_TYPE_DOCKER = 'docker'
|
||||
|
@ -954,9 +954,9 @@ SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT_DEFAULT = 0
|
|||
# default time to live seconds
|
||||
PM_TTL_DEFAULT = 86400
|
||||
|
||||
SERVICE_PARAM_SECTION_SWIFT_CONFIG = 'config'
|
||||
SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED = 'service_enabled'
|
||||
SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB = 'fs_size_mb'
|
||||
SERVICE_PARAM_SECTION_RADOSGW_CONFIG = 'config'
|
||||
SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED = 'service_enabled'
|
||||
SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB = 'fs_size_mb'
|
||||
|
||||
# docker parameters
|
||||
SERVICE_PARAM_SECTION_DOCKER_PROXY = 'proxy'
|
||||
|
@ -976,7 +976,7 @@ SERVICE_PARAM_SECTION_KUBERNETES_CERTIFICATES = 'certificates'
|
|||
SERVICE_PARAM_NAME_KUBERNETES_API_SAN_LIST = 'apiserver_certsan'
|
||||
|
||||
# default filesystem size to 25 MB
|
||||
SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT = 25
|
||||
SERVICE_PARAM_RADOSGW_FS_SIZE_MB_DEFAULT = 25
|
||||
|
||||
# HTTP Service Parameters
|
||||
SERVICE_PARAM_SECTION_HTTP_CONFIG = 'config'
|
||||
|
@ -1139,7 +1139,7 @@ PARTITION_MANAGE_LOCK = "partition-manage"
|
|||
|
||||
# Optional services
|
||||
ALL_OPTIONAL_SERVICES = [SERVICE_TYPE_CINDER,
|
||||
SERVICE_TYPE_SWIFT]
|
||||
SERVICE_TYPE_RADOSGW]
|
||||
|
||||
# System mode
|
||||
SYSTEM_MODE_DUPLEX = "duplex"
|
||||
|
|
|
@ -14,9 +14,7 @@ import wsme
|
|||
|
||||
from sysinv.common import constants
|
||||
from sysinv.common import exception
|
||||
from sysinv.common.storage_backend_conf import StorageBackendConfig
|
||||
from sysinv.common import utils as cutils
|
||||
from sysinv.db import api as db_api
|
||||
from sysinv.openstack.common import log
|
||||
from sysinv.openstack.common.gettextutils import _
|
||||
|
||||
|
@ -262,16 +260,10 @@ def _rpm_pkg_is_installed(pkg_name):
|
|||
return (sum > 0)
|
||||
|
||||
|
||||
def _validate_swift_enabled(name, value):
|
||||
_validate_boolean(name, value)
|
||||
if not value:
|
||||
return
|
||||
dbapi = db_api.get_instance()
|
||||
ceph_backend = StorageBackendConfig.get_backend_conf(
|
||||
dbapi, constants.CINDER_BACKEND_CEPH)
|
||||
if ceph_backend and ceph_backend.object_gateway:
|
||||
def _validate_radosgw_enabled(name, value):
|
||||
if not cutils.is_valid_boolstr(value):
|
||||
raise wsme.exc.ClientSideError(_(
|
||||
"Swift API is already supported by Ceph Object Gateway."))
|
||||
"Parameter '%s' must be a valid bool string." % name))
|
||||
|
||||
|
||||
def _validate_docker_proxy_address(name, value):
|
||||
|
@ -405,28 +397,28 @@ PLATFORM_MTCE_PARAMETER_RESOURCE = {
|
|||
constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT: 'platform::mtce::params::mnfa_timeout',
|
||||
}
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_MANDATORY = [
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED,
|
||||
RADOSGW_CONFIG_PARAMETER_MANDATORY = [
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED,
|
||||
]
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB,
|
||||
RADOSGW_CONFIG_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB,
|
||||
]
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_VALIDATOR = {
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: _validate_swift_enabled,
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB: _validate_integer,
|
||||
RADOSGW_CONFIG_PARAMETER_VALIDATOR = {
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED: _validate_radosgw_enabled,
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB: _validate_integer,
|
||||
}
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_RESOURCE = {
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED:
|
||||
'openstack::swift::params::service_enabled',
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB:
|
||||
'openstack::swift::params::fs_size_mb',
|
||||
RADOSGW_CONFIG_PARAMETER_RESOURCE = {
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED:
|
||||
'openstack::radosgw::params::service_enabled',
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB:
|
||||
'openstack::radosgw::params::fs_size_mb',
|
||||
}
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_DATA_FORMAT = {
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: SERVICE_PARAMETER_DATA_FORMAT_BOOLEAN,
|
||||
RADOSGW_CONFIG_PARAMETER_DATA_FORMAT = {
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED: SERVICE_PARAMETER_DATA_FORMAT_BOOLEAN,
|
||||
}
|
||||
|
||||
DOCKER_PROXY_PARAMETER_OPTIONAL = [
|
||||
|
@ -563,13 +555,13 @@ SERVICE_PARAMETER_SCHEMA = {
|
|||
SERVICE_PARAM_RESOURCE: HORIZON_AUTH_PARAMETER_RESOURCE,
|
||||
},
|
||||
},
|
||||
constants.SERVICE_TYPE_SWIFT: {
|
||||
constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG: {
|
||||
SERVICE_PARAM_MANDATORY: SWIFT_CONFIG_PARAMETER_MANDATORY,
|
||||
SERVICE_PARAM_OPTIONAL: SWIFT_CONFIG_PARAMETER_OPTIONAL,
|
||||
SERVICE_PARAM_VALIDATOR: SWIFT_CONFIG_PARAMETER_VALIDATOR,
|
||||
SERVICE_PARAM_RESOURCE: SWIFT_CONFIG_PARAMETER_RESOURCE,
|
||||
SERVICE_PARAM_DATA_FORMAT: SWIFT_CONFIG_PARAMETER_DATA_FORMAT,
|
||||
constants.SERVICE_TYPE_RADOSGW: {
|
||||
constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG: {
|
||||
SERVICE_PARAM_MANDATORY: RADOSGW_CONFIG_PARAMETER_MANDATORY,
|
||||
SERVICE_PARAM_OPTIONAL: RADOSGW_CONFIG_PARAMETER_OPTIONAL,
|
||||
SERVICE_PARAM_VALIDATOR: RADOSGW_CONFIG_PARAMETER_VALIDATOR,
|
||||
SERVICE_PARAM_RESOURCE: RADOSGW_CONFIG_PARAMETER_RESOURCE,
|
||||
SERVICE_PARAM_DATA_FORMAT: RADOSGW_CONFIG_PARAMETER_DATA_FORMAT,
|
||||
},
|
||||
},
|
||||
constants.SERVICE_TYPE_DOCKER: {
|
||||
|
|
|
@ -2067,3 +2067,29 @@ def generate_armada_manifest_dir(app_name, app_version):
|
|||
|
||||
def generate_armada_manifest_filename_abs(armada_mfile_dir, app_name, manifest_filename):
|
||||
return os.path.join(armada_mfile_dir, app_name + '-' + manifest_filename)
|
||||
|
||||
|
||||
def is_chart_enabled(dbapi, app_name, chart_name, namespace):
|
||||
"""
|
||||
Check if the chart is enable at an application level
|
||||
|
||||
:param app_name: Application name
|
||||
:param chart_name: Chart supplied with the application
|
||||
:param namespace: Namespace where the chart will be executed
|
||||
|
||||
Returns true by default if an exception occurs as most charts are
|
||||
enabled.
|
||||
"""
|
||||
try:
|
||||
db_app = dbapi.kube_app_get(app_name)
|
||||
db_chart = dbapi.helm_override_get(db_app.id, chart_name, namespace)
|
||||
except exception.KubeAppNotFound:
|
||||
LOG.exception("is_chart_enabled: %s application unknown" % (app_name))
|
||||
return True
|
||||
except exception.HelmOverrideNotFound:
|
||||
LOG.exception("is_chart_enabled: %s/%s/%s overrides missing" % (
|
||||
app_name, chart_name, namespace))
|
||||
return True
|
||||
|
||||
return db_chart.system_overrides.get(helm_common.HELM_CHART_ATTR_ENABLED,
|
||||
False)
|
||||
|
|
|
@ -462,14 +462,14 @@ class ConductorManager(service.PeriodicService):
|
|||
'name': constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT,
|
||||
'value': constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT_DEFAULT,
|
||||
},
|
||||
{'service': constants.SERVICE_TYPE_SWIFT,
|
||||
'section': constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG,
|
||||
'name': constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED,
|
||||
{'service': constants.SERVICE_TYPE_RADOSGW,
|
||||
'section': constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||
'name': constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED,
|
||||
'value': False},
|
||||
{'service': constants.SERVICE_TYPE_SWIFT,
|
||||
'section': constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG,
|
||||
'name': constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB,
|
||||
'value': constants.SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT},
|
||||
{'service': constants.SERVICE_TYPE_RADOSGW,
|
||||
'section': constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||
'name': constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB,
|
||||
'value': constants.SERVICE_PARAM_RADOSGW_FS_SIZE_MB_DEFAULT},
|
||||
{'service': constants.SERVICE_TYPE_HTTP,
|
||||
'section': constants.SERVICE_PARAM_SECTION_HTTP_CONFIG,
|
||||
'name': constants.SERVICE_PARAM_HTTP_PORT_HTTP,
|
||||
|
@ -6220,21 +6220,6 @@ class ConductorManager(service.PeriodicService):
|
|||
config_uuid,
|
||||
config_dict)
|
||||
|
||||
def _revert_cephrgw_config(self, context):
|
||||
""" Revert ceph rgw configuration. """
|
||||
personalities = [constants.CONTROLLER]
|
||||
|
||||
config_uuid = self._config_update_hosts(context, personalities)
|
||||
|
||||
config_dict = {
|
||||
"personalities": personalities,
|
||||
"classes": ['platform::ceph::rgw::runtime_revert']
|
||||
}
|
||||
|
||||
self._config_apply_runtime_manifest(context,
|
||||
config_uuid,
|
||||
config_dict)
|
||||
|
||||
def _update_config_for_stx_openstack(self, context):
|
||||
""" Update the runtime configurations that are required
|
||||
for stx-openstack application
|
||||
|
@ -6253,15 +6238,15 @@ class ConductorManager(service.PeriodicService):
|
|||
config_uuid,
|
||||
config_dict)
|
||||
|
||||
def _update_cephrgw_config(self, context):
|
||||
""" Update ceph rgw configuration. """
|
||||
def _update_radosgw_config(self, context):
|
||||
""" Update ceph radosgw configuration. """
|
||||
personalities = [constants.CONTROLLER]
|
||||
|
||||
config_uuid = self._config_update_hosts(context, personalities)
|
||||
|
||||
config_dict = {
|
||||
"personalities": personalities,
|
||||
"classes": ['platform::ceph::rgw::runtime']
|
||||
"classes": ['platform::ceph::rgw::keystone::runtime']
|
||||
}
|
||||
|
||||
self._config_apply_runtime_manifest(context,
|
||||
|
@ -7024,11 +7009,13 @@ class ConductorManager(service.PeriodicService):
|
|||
}
|
||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||
|
||||
elif service == constants.SERVICE_TYPE_SWIFT:
|
||||
elif service == constants.SERVICE_TYPE_RADOSGW:
|
||||
personalities = [constants.CONTROLLER]
|
||||
config_dict = {
|
||||
"personalities": personalities,
|
||||
"classes": ['openstack::swift::runtime']
|
||||
"classes": ['platform::ceph::rgw::runtime',
|
||||
'platform::sm::rgw::runtime',
|
||||
'platform::haproxy::runtime']
|
||||
}
|
||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||
|
||||
|
@ -10200,12 +10187,15 @@ class ConductorManager(service.PeriodicService):
|
|||
# generate .unlock_ready flag
|
||||
cutils.touch(constants.UNLOCK_READY_FLAG)
|
||||
else:
|
||||
self._update_cephrgw_config(context)
|
||||
# apply any runtime configurations that are needed for
|
||||
# stx_openstack application
|
||||
self._update_config_for_stx_openstack(context)
|
||||
self._update_pciirqaffinity_config(context)
|
||||
|
||||
# The radosgw chart may have been enabled/disabled. Regardless of
|
||||
# the prior apply state, update the ceph config
|
||||
self._update_radosgw_config(context)
|
||||
|
||||
return app_applied
|
||||
|
||||
def perform_app_update(self, context, from_rpc_app, to_rpc_app, tarfile, operation):
|
||||
|
@ -10240,10 +10230,10 @@ class ConductorManager(service.PeriodicService):
|
|||
|
||||
app_removed = self._app.perform_app_remove(rpc_app)
|
||||
if constants.HELM_APP_OPENSTACK == appname and app_removed:
|
||||
self._revert_cephrgw_config(context)
|
||||
# Update the VIM and PciIrqAffinity configuration.
|
||||
self._update_vim_config(context)
|
||||
self._update_pciirqaffinity_config(context)
|
||||
self._update_radosgw_config(context)
|
||||
return app_removed
|
||||
|
||||
def perform_app_abort(self, context, rpc_app):
|
||||
|
|
|
@ -263,12 +263,5 @@ class BaseHelm(object):
|
|||
Returns true by default if an exception occurs as most charts are
|
||||
enabled.
|
||||
"""
|
||||
try:
|
||||
db_app = self.dbapi.kube_app_get(app_name)
|
||||
db_chart = self.dbapi.helm_override_get(db_app.id, chart_name, namespace)
|
||||
except exception.KubeAppNotFound:
|
||||
return True
|
||||
except exception.HelmOverrideNotFound:
|
||||
return True
|
||||
|
||||
return db_chart.system_overrides.get(common.HELM_CHART_ATTR_ENABLED, False)
|
||||
return utils.is_chart_enabled(
|
||||
self.dbapi, app_name, chart_name, namespace)
|
||||
|
|
|
@ -13,6 +13,10 @@ from sysinv.helm import openstack
|
|||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
# These are set in hiera data and applied via puppet to the radosgw
|
||||
RADOSGW_SERVICE_DOMAIN_NAME = 'service'
|
||||
RADOSGW_SERVICE_PROJECT_NAME = 'service'
|
||||
|
||||
|
||||
class SwiftHelm(openstack.OpenstackBaseHelm):
|
||||
"""Class to encapsulate helm operations for the swift chart"""
|
||||
|
|
|
@ -25,7 +25,6 @@ class BasePuppet(object):
|
|||
CONFIG_WORKDIR = '/tmp/config'
|
||||
DEFAULT_REGION_NAME = 'RegionOne'
|
||||
DEFAULT_SERVICE_PROJECT_NAME = 'services'
|
||||
SWIFT_SERVICE_PROJECT_NAME = 'service'
|
||||
DEFAULT_KERNEL_OPTIONS = constants.SYSTEM_SECURITY_FEATURE_SPECTRE_MELTDOWN_DEFAULT_OPTS
|
||||
|
||||
SYSTEM_CONTROLLER_SERVICES = [
|
||||
|
@ -127,9 +126,6 @@ class BasePuppet(object):
|
|||
system = self._get_system()
|
||||
return system.region_name
|
||||
|
||||
def _get_swift_service_project_name(self):
|
||||
return self.SWIFT_SERVICE_PROJECT_NAME
|
||||
|
||||
def _get_service_project_name(self):
|
||||
if self.dbapi is None:
|
||||
return self.DEFAULT_SERVICE_PROJECT_NAME
|
||||
|
|
|
@ -11,10 +11,14 @@ from sysinv.common import constants
|
|||
from sysinv.common import exception
|
||||
from sysinv.common import utils
|
||||
from sysinv.common.storage_backend_conf import StorageBackendConfig
|
||||
from sysinv.openstack.common import log as logging
|
||||
from sysinv.helm import common
|
||||
from sysinv.helm import swift
|
||||
|
||||
from sysinv.puppet import openstack
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
# NOTE: based on openstack service for providing swift object storage services
|
||||
# via Ceph RGW
|
||||
|
@ -81,8 +85,6 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
|||
ms_bind_ipv6 = (netaddr.IPAddress(mon_0_ip).version ==
|
||||
constants.IPV6_FAMILY)
|
||||
|
||||
ksuser = self._get_service_user_name(self.SERVICE_NAME_RGW)
|
||||
|
||||
skip_osds_during_restore = \
|
||||
(utils.is_std_system(self.dbapi) and
|
||||
ceph_backend.task == constants.SB_TASK_RESTORE)
|
||||
|
@ -110,17 +112,26 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
|||
'platform::ceph::params::mon_1_addr': mon_1_addr,
|
||||
'platform::ceph::params::mon_2_addr': mon_2_addr,
|
||||
|
||||
'platform::ceph::params::rgw_admin_user':
|
||||
ksuser,
|
||||
'platform::ceph::params::rgw_admin_domain':
|
||||
'platform::ceph::params::rgw_enabled':
|
||||
self._is_radosgw_enabled(),
|
||||
'platform::ceph::rgw::keystone::swift_endpts_enabled': False,
|
||||
'platform::ceph::rgw::keystone::rgw_admin_user':
|
||||
self._get_service_user_name(self.SERVICE_NAME_RGW),
|
||||
'platform::ceph::rgw::keystone::rgw_admin_password':
|
||||
self._get_service_password(self.SERVICE_NAME_RGW),
|
||||
'platform::ceph::rgw::keystone::rgw_admin_domain':
|
||||
self._get_service_user_domain_name(),
|
||||
'platform::ceph::params::rgw_admin_project':
|
||||
'platform::ceph::rgw::keystone::rgw_admin_project':
|
||||
self._get_service_tenant_name(),
|
||||
'platform::ceph::params::skip_osds_during_restore':
|
||||
skip_osds_during_restore,
|
||||
}
|
||||
|
||||
if utils.is_openstack_applied(self.dbapi):
|
||||
if (utils.is_openstack_applied(self.dbapi) and
|
||||
utils.is_chart_enabled(self.dbapi,
|
||||
constants.HELM_APP_OPENSTACK,
|
||||
common.HELM_CHART_SWIFT,
|
||||
common.HELM_NS_OPENSTACK)):
|
||||
app = self.dbapi.kube_app_get(constants.HELM_APP_OPENSTACK)
|
||||
override = self.dbapi.helm_override_get(
|
||||
app.id,
|
||||
|
@ -130,13 +141,19 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
|||
self.SERVICE_NAME_RGW, None)
|
||||
if password:
|
||||
swift_auth_password = password.encode('utf8', 'strict')
|
||||
config['platform::ceph::params::rgw_service_password'] = \
|
||||
swift_auth_password
|
||||
|
||||
config['platform::ceph::params::rgw_service_domain'] = \
|
||||
self._get_swift_service_user_domain_name()
|
||||
config['platform::ceph::params::rgw_service_project'] = \
|
||||
self._get_swift_service_tenant_name()
|
||||
config.update(
|
||||
{'platform::ceph::rgw::keystone::swift_endpts_enabled':
|
||||
True})
|
||||
config.pop('platform::ceph::rgw::keystone::rgw_admin_user')
|
||||
config.update({'platform::ceph::rgw::keystone::rgw_admin_password':
|
||||
swift_auth_password})
|
||||
config.update({'platform::ceph::rgw::keystone::rgw_admin_domain':
|
||||
swift.RADOSGW_SERVICE_DOMAIN_NAME})
|
||||
config.update({'platform::ceph::rgw::keystone::rgw_admin_project':
|
||||
swift.RADOSGW_SERVICE_PROJECT_NAME})
|
||||
else:
|
||||
raise exception.SysinvException(
|
||||
"Unable to retreive containerized swift auth password")
|
||||
|
||||
return config
|
||||
|
||||
|
@ -274,3 +291,25 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
|||
if ceph_mons:
|
||||
return ceph_mons[0]
|
||||
return None
|
||||
|
||||
def _is_radosgw_enabled(self):
|
||||
enabled = False
|
||||
try:
|
||||
radosgw_enabled = self.dbapi.service_parameter_get_one(
|
||||
service=constants.SERVICE_TYPE_RADOSGW,
|
||||
section=constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||
name=constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED)
|
||||
if radosgw_enabled and radosgw_enabled.value.lower() == 'true':
|
||||
enabled = True
|
||||
except exception.NotFound:
|
||||
LOG.error("Service parameter not found: %s/%s/%s" %
|
||||
(constants.SERVICE_TYPE_RADOSGW,
|
||||
constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED))
|
||||
|
||||
except exception.MultipleResults:
|
||||
LOG.error("Multiple service parameters found for %s/%s/%s" %
|
||||
(constants.SERVICE_TYPE_RADOSGW,
|
||||
constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED))
|
||||
return enabled
|
||||
|
|
|
@ -31,7 +31,6 @@ class KeystonePuppet(openstack.OpenstackBasePuppet):
|
|||
ADMIN_USER = 'admin'
|
||||
|
||||
DEFAULT_DOMAIN_NAME = 'Default'
|
||||
SWIFT_DOMAIN_NAME = 'service'
|
||||
|
||||
def _region_config(self):
|
||||
# A wrapper over the Base region_config check.
|
||||
|
@ -299,9 +298,6 @@ class KeystonePuppet(openstack.OpenstackBasePuppet):
|
|||
return service_config.capabilities.get('admin_project_domain')
|
||||
return self.DEFAULT_DOMAIN_NAME
|
||||
|
||||
def get_swift_service_user_domain(self):
|
||||
return self.SWIFT_DOMAIN_NAME
|
||||
|
||||
def get_service_user_domain(self):
|
||||
if self._region_config():
|
||||
service_config = self._get_service_config(self.SERVICE_NAME)
|
||||
|
|
|
@ -160,9 +160,6 @@ class OpenstackBasePuppet(base.BasePuppet):
|
|||
|
||||
return self._region_name()
|
||||
|
||||
def _get_swift_service_tenant_name(self):
|
||||
return self._get_swift_service_project_name()
|
||||
|
||||
def _get_service_tenant_name(self):
|
||||
return self._get_service_project_name()
|
||||
|
||||
|
|
Loading…
Reference in New Issue