From c69942d0d77ba1b887bd1e0ed2110a87f19331ec Mon Sep 17 00:00:00 2001 From: Robert Church Date: Sat, 8 Jun 2019 22:49:18 -0400 Subject: [PATCH] Enable Cinder volume backups To properly enable Cinder volume backup, the following configuration changes are required: - For Cinder, enable 'CephBackupDriver' as the Cinder backup_driver and 'cinder' as the rbd_user for each Cinder backend - For libvirt, enable Ceph and use 'cinder-volume-rbd-keyring' for the Ceph client user secret. This will create a libvirt secret that will be used with the 'cinder' user. - For nova, enable the rbd_secret_uuid shared with libvirt and set the 'rbd_user' to cinder. - Update the chart group initialization sequence, so that 'openstack-cinder' is initialized prior to 'openstack-compute-kit'. This is done because 'cinder-volume-rbd-keyring' is created by Cinder and is required by libvirt to successfully initialize. With these configuration changes: - Cinder volumes were created - Cinder volumes were backed up - Instances were booted by volume (from Cinder) - Instances were booted by image (from Ceph ephemeral disks) Change-Id: I29c7d3ed118f4a6726f2ea887a165f256bc32fd5 Depends-On: https://review.opendev.org/#/c/664619/ Story: 2004520 Task: 28266 Signed-off-by: Robert Church --- .../stx-openstack-helm/centos/build_srpm.data | 2 +- .../stx-openstack-helm/manifests/manifest.yaml | 11 +++++++---- sysinv/sysinv/centos/build_srpm.data | 2 +- sysinv/sysinv/sysinv/sysinv/helm/cinder.py | 4 +--- sysinv/sysinv/sysinv/sysinv/helm/libvirt.py | 3 --- sysinv/sysinv/sysinv/sysinv/helm/nova.py | 5 ++++- 6 files changed, 14 insertions(+), 13 deletions(-) diff --git a/kubernetes/applications/stx-openstack/stx-openstack-helm/centos/build_srpm.data b/kubernetes/applications/stx-openstack/stx-openstack-helm/centos/build_srpm.data index 035fddebd5..9182d75497 100644 --- a/kubernetes/applications/stx-openstack/stx-openstack-helm/centos/build_srpm.data +++ b/kubernetes/applications/stx-openstack/stx-openstack-helm/centos/build_srpm.data @@ -1,4 +1,4 @@ SRC_DIR="stx-openstack-helm" COPY_LIST_TO_TAR="$PKG_BASE/../../../helm-charts/garbd \ $PKG_BASE/../../../helm-charts/clients" -TIS_PATCH_VER=14 +TIS_PATCH_VER=15 \ No newline at end of file diff --git a/kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml b/kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml index 1af1b2ed6e..df517d436b 100644 --- a/kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml +++ b/kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml @@ -684,7 +684,7 @@ data: conf: cinder: DEFAULT: - backup_driver: cinder.backup.drivers.swift + backup_driver: cinder.backup.drivers.ceph.CephBackupDriver storage: rbd source: type: tar @@ -711,12 +711,16 @@ data: upgrade: no_hooks: false values: + ceph_client: + user_secret_name: cinder-volume-rbd-keyring labels: agent: libvirt: node_selector_key: openstack-compute-node node_selector_value: enabled conf: + ceph: + enabled: true kubernetes: cgroup: "k8s-infra" images: @@ -929,8 +933,7 @@ data: live_migration_completion_timeout: 180 live_migration_permit_auto_converge: true mem_stats_period_seconds: 0 - rbd_secret_uuid: null - rbd_user: null + rbd_user: cinder # Allow up to 1 day for resize conf remove_unused_resized_minimum_age_seconds: 86400 database: @@ -3242,9 +3245,9 @@ data: - openstack-clients - openstack-barbican - openstack-glance + - openstack-cinder - openstack-ceph-rgw - openstack-compute-kit - openstack-heat - openstack-horizon - - openstack-cinder - openstack-telemetry diff --git a/sysinv/sysinv/centos/build_srpm.data b/sysinv/sysinv/centos/build_srpm.data index 907a27a648..e691fcb313 100644 --- a/sysinv/sysinv/centos/build_srpm.data +++ b/sysinv/sysinv/centos/build_srpm.data @@ -1,2 +1,2 @@ SRC_DIR="sysinv" -TIS_PATCH_VER=322 +TIS_PATCH_VER=323 diff --git a/sysinv/sysinv/sysinv/sysinv/helm/cinder.py b/sysinv/sysinv/sysinv/sysinv/helm/cinder.py index f24fbb2cfa..1e3a24f013 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/cinder.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/cinder.py @@ -95,9 +95,6 @@ class CinderHelm(openstack.OpenstackBaseHelm): backend_type=constants.SB_TYPE_CEPH) conf_cinder = { 'DEFAULT': { - # Use the CEPH backup driver. The chart will create a pool for - # keeping the backups. All cinder backup pods will use it. - 'backup_driver': 'cinder.backup.drivers.ceph.CephBackupDriver', 'enabled_backends': ','.join( b.name.encode('utf8', 'strict') for b in backends) }, @@ -152,6 +149,7 @@ class CinderHelm(openstack.OpenstackBaseHelm): 'volume_backend_name': bk_name, 'volume_driver': 'cinder.volume.drivers.rbd.RBDDriver', 'rbd_pool': rbd_pool.encode('utf8', 'strict'), + 'rbd_user': 'cinder', 'rbd_ceph_conf': (constants.CEPH_CONF_PATH + constants.SB_TYPE_CEPH_CONF_FILENAME), diff --git a/sysinv/sysinv/sysinv/sysinv/helm/libvirt.py b/sysinv/sysinv/sysinv/sysinv/helm/libvirt.py index 2fd6a5dc43..877ae41e14 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/libvirt.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/libvirt.py @@ -27,9 +27,6 @@ class LibvirtHelm(openstack.OpenstackBaseHelm): 'libvirt': { 'listen_addr': '0.0.0.0' }, - 'ceph': { - 'enabled': False - }, 'qemu': { 'user': "root", 'group': "root", diff --git a/sysinv/sysinv/sysinv/sysinv/helm/nova.py b/sysinv/sysinv/sysinv/sysinv/helm/nova.py index 688b65615a..2544a96a00 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/nova.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/nova.py @@ -18,7 +18,10 @@ from sysinv.helm import openstack LOG = logging.getLogger(__name__) -RBD_POOL_USER = "ephemeral" +# Align ephemeral rbd_user with the cinder rbd_user so that the same libvirt +# secret can be used for accessing both pools. This also aligns with the +# behavior defined in nova/virt/libvirt/volume/net.py:_set_auth_config_rbd() +RBD_POOL_USER = "cinder" DEFAULT_NOVA_PCI_ALIAS = [ {"vendor_id": constants.NOVA_PCI_ALIAS_QAT_PF_VENDOR,