Merge "Configure radosgw and ceph-rgw as optional services"
This commit is contained in:
commit
28f20a95e2
|
@ -2,6 +2,7 @@ disabled_charts:
|
||||||
- aodh
|
- aodh
|
||||||
- barbican
|
- barbican
|
||||||
- ceilometer
|
- ceilometer
|
||||||
|
- ceph-rgw
|
||||||
- gnocchi
|
- gnocchi
|
||||||
- ironic
|
- ironic
|
||||||
- panko
|
- panko
|
||||||
|
|
|
@ -22,6 +22,7 @@ class platform::ceph::params(
|
||||||
$mon_2_host = undef,
|
$mon_2_host = undef,
|
||||||
$mon_2_ip = undef,
|
$mon_2_ip = undef,
|
||||||
$mon_2_addr = undef,
|
$mon_2_addr = undef,
|
||||||
|
$rgw_enabled = false,
|
||||||
$rgw_client_name = 'radosgw.gateway',
|
$rgw_client_name = 'radosgw.gateway',
|
||||||
$rgw_user_name = 'root',
|
$rgw_user_name = 'root',
|
||||||
$rgw_frontend_type = 'civetweb',
|
$rgw_frontend_type = 'civetweb',
|
||||||
|
@ -30,10 +31,6 @@ class platform::ceph::params(
|
||||||
$rgw_service_domain = undef,
|
$rgw_service_domain = undef,
|
||||||
$rgw_service_project = undef,
|
$rgw_service_project = undef,
|
||||||
$rgw_service_password = undef,
|
$rgw_service_password = undef,
|
||||||
$rgw_admin_domain = undef,
|
|
||||||
$rgw_admin_project = undef,
|
|
||||||
$rgw_admin_user = 'swift',
|
|
||||||
$rgw_admin_password = undef,
|
|
||||||
$rgw_max_put_size = '53687091200',
|
$rgw_max_put_size = '53687091200',
|
||||||
$rgw_gc_max_objs = '977',
|
$rgw_gc_max_objs = '977',
|
||||||
$rgw_gc_obj_min_wait = '600',
|
$rgw_gc_obj_min_wait = '600',
|
||||||
|
@ -411,7 +408,7 @@ class platform::ceph::osds(
|
||||||
class platform::ceph::haproxy
|
class platform::ceph::haproxy
|
||||||
inherits ::platform::ceph::params {
|
inherits ::platform::ceph::params {
|
||||||
|
|
||||||
if $service_enabled {
|
if $rgw_enabled {
|
||||||
platform::haproxy::proxy { 'ceph-radosgw-restapi':
|
platform::haproxy::proxy { 'ceph-radosgw-restapi':
|
||||||
server_name => 's-ceph-radosgw',
|
server_name => 's-ceph-radosgw',
|
||||||
public_port => $rgw_port,
|
public_port => $rgw_port,
|
||||||
|
@ -420,60 +417,48 @@ class platform::ceph::haproxy
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class platform::ceph::rgw::runtime
|
class platform::ceph::rgw::keystone (
|
||||||
inherits ::platform::ceph::params {
|
$swift_endpts_enabled = false,
|
||||||
if $service_enabled {
|
$rgw_admin_domain = undef,
|
||||||
include ::platform::params
|
$rgw_admin_project = undef,
|
||||||
|
$rgw_admin_user = 'swift',
|
||||||
|
$rgw_admin_password = undef,
|
||||||
|
) inherits ::platform::ceph::params {
|
||||||
|
include ::openstack::keystone::params
|
||||||
|
if $rgw_enabled {
|
||||||
|
|
||||||
include ::openstack::keystone::params
|
if $swift_endpts_enabled {
|
||||||
|
$url = $::openstack::keystone::params::openstack_auth_uri
|
||||||
ceph::rgw::keystone { $rgw_client_name:
|
} else {
|
||||||
rgw_keystone_admin_token => '',
|
$url = $::openstack::keystone::params::auth_uri
|
||||||
rgw_keystone_url => $::openstack::keystone::params::openstack_auth_uri,
|
|
||||||
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
|
||||||
rgw_keystone_accepted_roles => 'admin,_member_',
|
|
||||||
user => $rgw_user_name,
|
|
||||||
use_pki => false,
|
|
||||||
rgw_keystone_admin_domain => $rgw_service_domain,
|
|
||||||
rgw_keystone_admin_project => $rgw_service_project,
|
|
||||||
rgw_keystone_admin_user => $rgw_admin_user,
|
|
||||||
rgw_keystone_admin_password => $rgw_service_password,
|
|
||||||
}
|
|
||||||
exec { 'sm-restart-safe service ceph-radosgw':
|
|
||||||
command => 'sm-restart-safe service ceph-radosgw'
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ceph::rgw::keystone { $rgw_client_name:
|
||||||
|
# keystone admin token is disabled after initial keystone configuration
|
||||||
|
# for security reason. Use keystone service tenant credentials instead.
|
||||||
|
rgw_keystone_admin_token => '',
|
||||||
|
rgw_keystone_url => $url,
|
||||||
|
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
||||||
|
rgw_keystone_accepted_roles => 'admin,_member_',
|
||||||
|
user => $rgw_user_name,
|
||||||
|
use_pki => false,
|
||||||
|
rgw_keystone_revocation_interval => 0,
|
||||||
|
rgw_keystone_token_cache_size => 0,
|
||||||
|
rgw_keystone_admin_domain => $rgw_admin_domain,
|
||||||
|
rgw_keystone_admin_project => $rgw_admin_project,
|
||||||
|
rgw_keystone_admin_user => $rgw_admin_user,
|
||||||
|
rgw_keystone_admin_password => $rgw_admin_password,
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class platform::ceph::rgw::runtime_revert
|
|
||||||
inherits ::platform::ceph::params {
|
|
||||||
if $service_enabled {
|
|
||||||
include ::platform::params
|
|
||||||
|
|
||||||
include ::openstack::keystone::params
|
|
||||||
|
|
||||||
ceph::rgw::keystone { $rgw_client_name:
|
|
||||||
rgw_keystone_admin_token => '',
|
|
||||||
rgw_keystone_url => $::openstack::keystone::params::auth_uri,
|
|
||||||
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
|
||||||
rgw_keystone_accepted_roles => 'admin,_member_',
|
|
||||||
user => $rgw_user_name,
|
|
||||||
use_pki => false,
|
|
||||||
rgw_keystone_admin_domain => $rgw_admin_domain,
|
|
||||||
rgw_keystone_admin_project => $rgw_admin_project,
|
|
||||||
rgw_keystone_admin_user => $rgw_admin_user,
|
|
||||||
rgw_keystone_admin_password => $rgw_admin_password,
|
|
||||||
}
|
|
||||||
exec { 'sm-restart-safe service ceph-radosgw':
|
|
||||||
command => 'sm-restart-safe service ceph-radosgw'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
class platform::ceph::rgw
|
class platform::ceph::rgw
|
||||||
inherits ::platform::ceph::params {
|
inherits ::platform::ceph::params {
|
||||||
|
include ::ceph::params
|
||||||
|
include ::ceph::profile::params
|
||||||
|
|
||||||
if $service_enabled {
|
if $rgw_enabled {
|
||||||
include ::platform::params
|
include ::platform::params
|
||||||
|
|
||||||
include ::openstack::keystone::params
|
include ::openstack::keystone::params
|
||||||
|
@ -491,19 +476,7 @@ class platform::ceph::rgw
|
||||||
log_file => $rgw_log_file,
|
log_file => $rgw_log_file,
|
||||||
}
|
}
|
||||||
|
|
||||||
ceph::rgw::keystone { $rgw_client_name:
|
include ::platform::ceph::rgw::keystone
|
||||||
# keystone admin token is disabled after initial keystone configuration
|
|
||||||
# for security reason. Use keystone service tenant credentials instead.
|
|
||||||
rgw_keystone_admin_token => '',
|
|
||||||
rgw_keystone_url => $::openstack::keystone::params::auth_uri,
|
|
||||||
rgw_keystone_version => $::openstack::keystone::params::api_version,
|
|
||||||
rgw_keystone_accepted_roles => 'admin,_member_',
|
|
||||||
use_pki => false,
|
|
||||||
rgw_keystone_admin_domain => $rgw_admin_domain,
|
|
||||||
rgw_keystone_admin_project => $rgw_admin_project,
|
|
||||||
rgw_keystone_admin_user => $rgw_admin_user,
|
|
||||||
rgw_keystone_admin_password => $rgw_admin_password,
|
|
||||||
}
|
|
||||||
|
|
||||||
ceph_config {
|
ceph_config {
|
||||||
# increase limit for single operation uploading to 50G (50*1024*1024*1024)
|
# increase limit for single operation uploading to 50G (50*1024*1024*1024)
|
||||||
|
@ -599,3 +572,36 @@ class platform::ceph::runtime_osds {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Used to configure optional radosgw platform service
|
||||||
|
class platform::ceph::rgw::runtime
|
||||||
|
inherits ::platform::ceph::params {
|
||||||
|
|
||||||
|
include platform::ceph::rgw
|
||||||
|
|
||||||
|
# Make sure the ceph configuration is complete before sm dynamically
|
||||||
|
# provisions/deprovisions the service
|
||||||
|
Class[$name] -> Class['::platform::sm::rgw::runtime']
|
||||||
|
|
||||||
|
unless $rgw_enabled {
|
||||||
|
# SM's current behavior will not stop the service being de-provisioned, so
|
||||||
|
# stop it when needed
|
||||||
|
exec { 'Stopping ceph-radosgw service':
|
||||||
|
command => '/etc/init.d/ceph-radosgw stop'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Used to configure radosgw keystone info based on containerized swift endpoints
|
||||||
|
# being enabled/disabled
|
||||||
|
class platform::ceph::rgw::keystone::runtime
|
||||||
|
inherits ::platform::ceph::params {
|
||||||
|
|
||||||
|
include ::platform::ceph::rgw::keystone
|
||||||
|
|
||||||
|
exec { 'sm-restart-safe service ceph-radosgw':
|
||||||
|
command => 'sm-restart-safe service ceph-radosgw'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -175,6 +175,7 @@ class platform::sm
|
||||||
# Ceph-Rados-Gateway
|
# Ceph-Rados-Gateway
|
||||||
include ::platform::ceph::params
|
include ::platform::ceph::params
|
||||||
$ceph_configured = $::platform::ceph::params::service_enabled
|
$ceph_configured = $::platform::ceph::params::service_enabled
|
||||||
|
$rgw_configured = $::platform::ceph::params::rgw_enabled
|
||||||
|
|
||||||
if $system_mode == 'simplex' {
|
if $system_mode == 'simplex' {
|
||||||
$hostunit = '0'
|
$hostunit = '0'
|
||||||
|
@ -818,13 +819,20 @@ class platform::sm
|
||||||
}
|
}
|
||||||
|
|
||||||
# Ceph-Rados-Gateway
|
# Ceph-Rados-Gateway
|
||||||
if $ceph_configured {
|
if $rgw_configured {
|
||||||
exec {'Provision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
exec {'Provision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||||
command => 'sm-provision service-group-member storage-monitoring-services ceph-radosgw'
|
command => 'sm-provision service-group-member storage-monitoring-services ceph-radosgw'
|
||||||
}
|
}
|
||||||
-> exec { 'Provision Ceph-Rados-Gateway (service ceph-radosgw)':
|
-> exec { 'Provision Ceph-Rados-Gateway (service ceph-radosgw)':
|
||||||
command => 'sm-provision service ceph-radosgw',
|
command => 'sm-provision service ceph-radosgw',
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
exec {'Deprovision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||||
|
command => 'sm-deprovision service-group-member storage-monitoring-services ceph-radosgw'
|
||||||
|
}
|
||||||
|
-> exec { 'Deprovision Ceph-Rados-Gateway (service ceph-radosgw)':
|
||||||
|
command => 'sm-deprovision service ceph-radosgw',
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if $ldapserver_remote {
|
if $ldapserver_remote {
|
||||||
|
@ -989,3 +997,17 @@ class platform::sm::stx_openstack::runtime {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class platform::sm::rgw::runtime {
|
||||||
|
$rgw_configured = $::platform::ceph::params::rgw_enabled
|
||||||
|
|
||||||
|
if $rgw_configured {
|
||||||
|
exec {'Provision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||||
|
command => 'sm-provision service-group-member storage-monitoring-services ceph-radosgw --apply'
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
exec {'Deprovision Ceph-Rados-Gateway (service-group-member ceph-radosgw)':
|
||||||
|
command => 'sm-deprovision service-group-member storage-monitoring-services ceph-radosgw --apply'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -906,7 +906,7 @@ SERVICE_TYPE_HORIZON = "horizon"
|
||||||
SERVICE_TYPE_CEPH = 'ceph'
|
SERVICE_TYPE_CEPH = 'ceph'
|
||||||
SERVICE_TYPE_CINDER = 'cinder'
|
SERVICE_TYPE_CINDER = 'cinder'
|
||||||
SERVICE_TYPE_PLATFORM = 'platform'
|
SERVICE_TYPE_PLATFORM = 'platform'
|
||||||
SERVICE_TYPE_SWIFT = 'swift'
|
SERVICE_TYPE_RADOSGW = 'radosgw'
|
||||||
SERVICE_TYPE_GLANCE = 'glance'
|
SERVICE_TYPE_GLANCE = 'glance'
|
||||||
SERVICE_TYPE_BARBICAN = 'barbican'
|
SERVICE_TYPE_BARBICAN = 'barbican'
|
||||||
SERVICE_TYPE_DOCKER = 'docker'
|
SERVICE_TYPE_DOCKER = 'docker'
|
||||||
|
@ -954,9 +954,9 @@ SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT_DEFAULT = 0
|
||||||
# default time to live seconds
|
# default time to live seconds
|
||||||
PM_TTL_DEFAULT = 86400
|
PM_TTL_DEFAULT = 86400
|
||||||
|
|
||||||
SERVICE_PARAM_SECTION_SWIFT_CONFIG = 'config'
|
SERVICE_PARAM_SECTION_RADOSGW_CONFIG = 'config'
|
||||||
SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED = 'service_enabled'
|
SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED = 'service_enabled'
|
||||||
SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB = 'fs_size_mb'
|
SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB = 'fs_size_mb'
|
||||||
|
|
||||||
# docker parameters
|
# docker parameters
|
||||||
SERVICE_PARAM_SECTION_DOCKER_PROXY = 'proxy'
|
SERVICE_PARAM_SECTION_DOCKER_PROXY = 'proxy'
|
||||||
|
@ -976,7 +976,7 @@ SERVICE_PARAM_SECTION_KUBERNETES_CERTIFICATES = 'certificates'
|
||||||
SERVICE_PARAM_NAME_KUBERNETES_API_SAN_LIST = 'apiserver_certsan'
|
SERVICE_PARAM_NAME_KUBERNETES_API_SAN_LIST = 'apiserver_certsan'
|
||||||
|
|
||||||
# default filesystem size to 25 MB
|
# default filesystem size to 25 MB
|
||||||
SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT = 25
|
SERVICE_PARAM_RADOSGW_FS_SIZE_MB_DEFAULT = 25
|
||||||
|
|
||||||
# HTTP Service Parameters
|
# HTTP Service Parameters
|
||||||
SERVICE_PARAM_SECTION_HTTP_CONFIG = 'config'
|
SERVICE_PARAM_SECTION_HTTP_CONFIG = 'config'
|
||||||
|
@ -1139,7 +1139,7 @@ PARTITION_MANAGE_LOCK = "partition-manage"
|
||||||
|
|
||||||
# Optional services
|
# Optional services
|
||||||
ALL_OPTIONAL_SERVICES = [SERVICE_TYPE_CINDER,
|
ALL_OPTIONAL_SERVICES = [SERVICE_TYPE_CINDER,
|
||||||
SERVICE_TYPE_SWIFT]
|
SERVICE_TYPE_RADOSGW]
|
||||||
|
|
||||||
# System mode
|
# System mode
|
||||||
SYSTEM_MODE_DUPLEX = "duplex"
|
SYSTEM_MODE_DUPLEX = "duplex"
|
||||||
|
|
|
@ -14,9 +14,7 @@ import wsme
|
||||||
|
|
||||||
from sysinv.common import constants
|
from sysinv.common import constants
|
||||||
from sysinv.common import exception
|
from sysinv.common import exception
|
||||||
from sysinv.common.storage_backend_conf import StorageBackendConfig
|
|
||||||
from sysinv.common import utils as cutils
|
from sysinv.common import utils as cutils
|
||||||
from sysinv.db import api as db_api
|
|
||||||
from sysinv.openstack.common import log
|
from sysinv.openstack.common import log
|
||||||
from sysinv.openstack.common.gettextutils import _
|
from sysinv.openstack.common.gettextutils import _
|
||||||
|
|
||||||
|
@ -262,16 +260,10 @@ def _rpm_pkg_is_installed(pkg_name):
|
||||||
return (sum > 0)
|
return (sum > 0)
|
||||||
|
|
||||||
|
|
||||||
def _validate_swift_enabled(name, value):
|
def _validate_radosgw_enabled(name, value):
|
||||||
_validate_boolean(name, value)
|
if not cutils.is_valid_boolstr(value):
|
||||||
if not value:
|
|
||||||
return
|
|
||||||
dbapi = db_api.get_instance()
|
|
||||||
ceph_backend = StorageBackendConfig.get_backend_conf(
|
|
||||||
dbapi, constants.CINDER_BACKEND_CEPH)
|
|
||||||
if ceph_backend and ceph_backend.object_gateway:
|
|
||||||
raise wsme.exc.ClientSideError(_(
|
raise wsme.exc.ClientSideError(_(
|
||||||
"Swift API is already supported by Ceph Object Gateway."))
|
"Parameter '%s' must be a valid bool string." % name))
|
||||||
|
|
||||||
|
|
||||||
def _validate_docker_proxy_address(name, value):
|
def _validate_docker_proxy_address(name, value):
|
||||||
|
@ -405,28 +397,28 @@ PLATFORM_MTCE_PARAMETER_RESOURCE = {
|
||||||
constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT: 'platform::mtce::params::mnfa_timeout',
|
constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT: 'platform::mtce::params::mnfa_timeout',
|
||||||
}
|
}
|
||||||
|
|
||||||
SWIFT_CONFIG_PARAMETER_MANDATORY = [
|
RADOSGW_CONFIG_PARAMETER_MANDATORY = [
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED,
|
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED,
|
||||||
]
|
]
|
||||||
|
|
||||||
SWIFT_CONFIG_PARAMETER_OPTIONAL = [
|
RADOSGW_CONFIG_PARAMETER_OPTIONAL = [
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB,
|
constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB,
|
||||||
]
|
]
|
||||||
|
|
||||||
SWIFT_CONFIG_PARAMETER_VALIDATOR = {
|
RADOSGW_CONFIG_PARAMETER_VALIDATOR = {
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: _validate_swift_enabled,
|
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED: _validate_radosgw_enabled,
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB: _validate_integer,
|
constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB: _validate_integer,
|
||||||
}
|
}
|
||||||
|
|
||||||
SWIFT_CONFIG_PARAMETER_RESOURCE = {
|
RADOSGW_CONFIG_PARAMETER_RESOURCE = {
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED:
|
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED:
|
||||||
'openstack::swift::params::service_enabled',
|
'openstack::radosgw::params::service_enabled',
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB:
|
constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB:
|
||||||
'openstack::swift::params::fs_size_mb',
|
'openstack::radosgw::params::fs_size_mb',
|
||||||
}
|
}
|
||||||
|
|
||||||
SWIFT_CONFIG_PARAMETER_DATA_FORMAT = {
|
RADOSGW_CONFIG_PARAMETER_DATA_FORMAT = {
|
||||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: SERVICE_PARAMETER_DATA_FORMAT_BOOLEAN,
|
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED: SERVICE_PARAMETER_DATA_FORMAT_BOOLEAN,
|
||||||
}
|
}
|
||||||
|
|
||||||
DOCKER_PROXY_PARAMETER_OPTIONAL = [
|
DOCKER_PROXY_PARAMETER_OPTIONAL = [
|
||||||
|
@ -563,13 +555,13 @@ SERVICE_PARAMETER_SCHEMA = {
|
||||||
SERVICE_PARAM_RESOURCE: HORIZON_AUTH_PARAMETER_RESOURCE,
|
SERVICE_PARAM_RESOURCE: HORIZON_AUTH_PARAMETER_RESOURCE,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
constants.SERVICE_TYPE_SWIFT: {
|
constants.SERVICE_TYPE_RADOSGW: {
|
||||||
constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG: {
|
constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG: {
|
||||||
SERVICE_PARAM_MANDATORY: SWIFT_CONFIG_PARAMETER_MANDATORY,
|
SERVICE_PARAM_MANDATORY: RADOSGW_CONFIG_PARAMETER_MANDATORY,
|
||||||
SERVICE_PARAM_OPTIONAL: SWIFT_CONFIG_PARAMETER_OPTIONAL,
|
SERVICE_PARAM_OPTIONAL: RADOSGW_CONFIG_PARAMETER_OPTIONAL,
|
||||||
SERVICE_PARAM_VALIDATOR: SWIFT_CONFIG_PARAMETER_VALIDATOR,
|
SERVICE_PARAM_VALIDATOR: RADOSGW_CONFIG_PARAMETER_VALIDATOR,
|
||||||
SERVICE_PARAM_RESOURCE: SWIFT_CONFIG_PARAMETER_RESOURCE,
|
SERVICE_PARAM_RESOURCE: RADOSGW_CONFIG_PARAMETER_RESOURCE,
|
||||||
SERVICE_PARAM_DATA_FORMAT: SWIFT_CONFIG_PARAMETER_DATA_FORMAT,
|
SERVICE_PARAM_DATA_FORMAT: RADOSGW_CONFIG_PARAMETER_DATA_FORMAT,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
constants.SERVICE_TYPE_DOCKER: {
|
constants.SERVICE_TYPE_DOCKER: {
|
||||||
|
|
|
@ -2063,3 +2063,29 @@ def generate_armada_manifest_dir(app_name, app_version):
|
||||||
|
|
||||||
def generate_armada_manifest_filename_abs(armada_mfile_dir, app_name, manifest_filename):
|
def generate_armada_manifest_filename_abs(armada_mfile_dir, app_name, manifest_filename):
|
||||||
return os.path.join(armada_mfile_dir, app_name + '-' + manifest_filename)
|
return os.path.join(armada_mfile_dir, app_name + '-' + manifest_filename)
|
||||||
|
|
||||||
|
|
||||||
|
def is_chart_enabled(dbapi, app_name, chart_name, namespace):
|
||||||
|
"""
|
||||||
|
Check if the chart is enable at an application level
|
||||||
|
|
||||||
|
:param app_name: Application name
|
||||||
|
:param chart_name: Chart supplied with the application
|
||||||
|
:param namespace: Namespace where the chart will be executed
|
||||||
|
|
||||||
|
Returns true by default if an exception occurs as most charts are
|
||||||
|
enabled.
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
db_app = dbapi.kube_app_get(app_name)
|
||||||
|
db_chart = dbapi.helm_override_get(db_app.id, chart_name, namespace)
|
||||||
|
except exception.KubeAppNotFound:
|
||||||
|
LOG.exception("is_chart_enabled: %s application unknown" % (app_name))
|
||||||
|
return True
|
||||||
|
except exception.HelmOverrideNotFound:
|
||||||
|
LOG.exception("is_chart_enabled: %s/%s/%s overrides missing" % (
|
||||||
|
app_name, chart_name, namespace))
|
||||||
|
return True
|
||||||
|
|
||||||
|
return db_chart.system_overrides.get(helm_common.HELM_CHART_ATTR_ENABLED,
|
||||||
|
False)
|
||||||
|
|
|
@ -462,14 +462,14 @@ class ConductorManager(service.PeriodicService):
|
||||||
'name': constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT,
|
'name': constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT,
|
||||||
'value': constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT_DEFAULT,
|
'value': constants.SERVICE_PARAM_PLAT_MTCE_MNFA_TIMEOUT_DEFAULT,
|
||||||
},
|
},
|
||||||
{'service': constants.SERVICE_TYPE_SWIFT,
|
{'service': constants.SERVICE_TYPE_RADOSGW,
|
||||||
'section': constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG,
|
'section': constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||||
'name': constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED,
|
'name': constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED,
|
||||||
'value': False},
|
'value': False},
|
||||||
{'service': constants.SERVICE_TYPE_SWIFT,
|
{'service': constants.SERVICE_TYPE_RADOSGW,
|
||||||
'section': constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG,
|
'section': constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||||
'name': constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB,
|
'name': constants.SERVICE_PARAM_NAME_RADOSGW_FS_SIZE_MB,
|
||||||
'value': constants.SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT},
|
'value': constants.SERVICE_PARAM_RADOSGW_FS_SIZE_MB_DEFAULT},
|
||||||
{'service': constants.SERVICE_TYPE_HTTP,
|
{'service': constants.SERVICE_TYPE_HTTP,
|
||||||
'section': constants.SERVICE_PARAM_SECTION_HTTP_CONFIG,
|
'section': constants.SERVICE_PARAM_SECTION_HTTP_CONFIG,
|
||||||
'name': constants.SERVICE_PARAM_HTTP_PORT_HTTP,
|
'name': constants.SERVICE_PARAM_HTTP_PORT_HTTP,
|
||||||
|
@ -6211,21 +6211,6 @@ class ConductorManager(service.PeriodicService):
|
||||||
config_uuid,
|
config_uuid,
|
||||||
config_dict)
|
config_dict)
|
||||||
|
|
||||||
def _revert_cephrgw_config(self, context):
|
|
||||||
""" Revert ceph rgw configuration. """
|
|
||||||
personalities = [constants.CONTROLLER]
|
|
||||||
|
|
||||||
config_uuid = self._config_update_hosts(context, personalities)
|
|
||||||
|
|
||||||
config_dict = {
|
|
||||||
"personalities": personalities,
|
|
||||||
"classes": ['platform::ceph::rgw::runtime_revert']
|
|
||||||
}
|
|
||||||
|
|
||||||
self._config_apply_runtime_manifest(context,
|
|
||||||
config_uuid,
|
|
||||||
config_dict)
|
|
||||||
|
|
||||||
def _update_config_for_stx_openstack(self, context):
|
def _update_config_for_stx_openstack(self, context):
|
||||||
""" Update the runtime configurations that are required
|
""" Update the runtime configurations that are required
|
||||||
for stx-openstack application
|
for stx-openstack application
|
||||||
|
@ -6244,15 +6229,15 @@ class ConductorManager(service.PeriodicService):
|
||||||
config_uuid,
|
config_uuid,
|
||||||
config_dict)
|
config_dict)
|
||||||
|
|
||||||
def _update_cephrgw_config(self, context):
|
def _update_radosgw_config(self, context):
|
||||||
""" Update ceph rgw configuration. """
|
""" Update ceph radosgw configuration. """
|
||||||
personalities = [constants.CONTROLLER]
|
personalities = [constants.CONTROLLER]
|
||||||
|
|
||||||
config_uuid = self._config_update_hosts(context, personalities)
|
config_uuid = self._config_update_hosts(context, personalities)
|
||||||
|
|
||||||
config_dict = {
|
config_dict = {
|
||||||
"personalities": personalities,
|
"personalities": personalities,
|
||||||
"classes": ['platform::ceph::rgw::runtime']
|
"classes": ['platform::ceph::rgw::keystone::runtime']
|
||||||
}
|
}
|
||||||
|
|
||||||
self._config_apply_runtime_manifest(context,
|
self._config_apply_runtime_manifest(context,
|
||||||
|
@ -7015,11 +7000,13 @@ class ConductorManager(service.PeriodicService):
|
||||||
}
|
}
|
||||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||||
|
|
||||||
elif service == constants.SERVICE_TYPE_SWIFT:
|
elif service == constants.SERVICE_TYPE_RADOSGW:
|
||||||
personalities = [constants.CONTROLLER]
|
personalities = [constants.CONTROLLER]
|
||||||
config_dict = {
|
config_dict = {
|
||||||
"personalities": personalities,
|
"personalities": personalities,
|
||||||
"classes": ['openstack::swift::runtime']
|
"classes": ['platform::ceph::rgw::runtime',
|
||||||
|
'platform::sm::rgw::runtime',
|
||||||
|
'platform::haproxy::runtime']
|
||||||
}
|
}
|
||||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||||
|
|
||||||
|
@ -10191,12 +10178,15 @@ class ConductorManager(service.PeriodicService):
|
||||||
# generate .unlock_ready flag
|
# generate .unlock_ready flag
|
||||||
cutils.touch(constants.UNLOCK_READY_FLAG)
|
cutils.touch(constants.UNLOCK_READY_FLAG)
|
||||||
else:
|
else:
|
||||||
self._update_cephrgw_config(context)
|
|
||||||
# apply any runtime configurations that are needed for
|
# apply any runtime configurations that are needed for
|
||||||
# stx_openstack application
|
# stx_openstack application
|
||||||
self._update_config_for_stx_openstack(context)
|
self._update_config_for_stx_openstack(context)
|
||||||
self._update_pciirqaffinity_config(context)
|
self._update_pciirqaffinity_config(context)
|
||||||
|
|
||||||
|
# The radosgw chart may have been enabled/disabled. Regardless of
|
||||||
|
# the prior apply state, update the ceph config
|
||||||
|
self._update_radosgw_config(context)
|
||||||
|
|
||||||
return app_applied
|
return app_applied
|
||||||
|
|
||||||
def perform_app_update(self, context, from_rpc_app, to_rpc_app, tarfile, operation):
|
def perform_app_update(self, context, from_rpc_app, to_rpc_app, tarfile, operation):
|
||||||
|
@ -10231,10 +10221,10 @@ class ConductorManager(service.PeriodicService):
|
||||||
|
|
||||||
app_removed = self._app.perform_app_remove(rpc_app)
|
app_removed = self._app.perform_app_remove(rpc_app)
|
||||||
if constants.HELM_APP_OPENSTACK == appname and app_removed:
|
if constants.HELM_APP_OPENSTACK == appname and app_removed:
|
||||||
self._revert_cephrgw_config(context)
|
|
||||||
# Update the VIM and PciIrqAffinity configuration.
|
# Update the VIM and PciIrqAffinity configuration.
|
||||||
self._update_vim_config(context)
|
self._update_vim_config(context)
|
||||||
self._update_pciirqaffinity_config(context)
|
self._update_pciirqaffinity_config(context)
|
||||||
|
self._update_radosgw_config(context)
|
||||||
return app_removed
|
return app_removed
|
||||||
|
|
||||||
def perform_app_abort(self, context, rpc_app):
|
def perform_app_abort(self, context, rpc_app):
|
||||||
|
|
|
@ -263,12 +263,5 @@ class BaseHelm(object):
|
||||||
Returns true by default if an exception occurs as most charts are
|
Returns true by default if an exception occurs as most charts are
|
||||||
enabled.
|
enabled.
|
||||||
"""
|
"""
|
||||||
try:
|
return utils.is_chart_enabled(
|
||||||
db_app = self.dbapi.kube_app_get(app_name)
|
self.dbapi, app_name, chart_name, namespace)
|
||||||
db_chart = self.dbapi.helm_override_get(db_app.id, chart_name, namespace)
|
|
||||||
except exception.KubeAppNotFound:
|
|
||||||
return True
|
|
||||||
except exception.HelmOverrideNotFound:
|
|
||||||
return True
|
|
||||||
|
|
||||||
return db_chart.system_overrides.get(common.HELM_CHART_ATTR_ENABLED, False)
|
|
||||||
|
|
|
@ -13,6 +13,10 @@ from sysinv.helm import openstack
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
# These are set in hiera data and applied via puppet to the radosgw
|
||||||
|
RADOSGW_SERVICE_DOMAIN_NAME = 'service'
|
||||||
|
RADOSGW_SERVICE_PROJECT_NAME = 'service'
|
||||||
|
|
||||||
|
|
||||||
class SwiftHelm(openstack.OpenstackBaseHelm):
|
class SwiftHelm(openstack.OpenstackBaseHelm):
|
||||||
"""Class to encapsulate helm operations for the swift chart"""
|
"""Class to encapsulate helm operations for the swift chart"""
|
||||||
|
|
|
@ -25,7 +25,6 @@ class BasePuppet(object):
|
||||||
CONFIG_WORKDIR = '/tmp/config'
|
CONFIG_WORKDIR = '/tmp/config'
|
||||||
DEFAULT_REGION_NAME = 'RegionOne'
|
DEFAULT_REGION_NAME = 'RegionOne'
|
||||||
DEFAULT_SERVICE_PROJECT_NAME = 'services'
|
DEFAULT_SERVICE_PROJECT_NAME = 'services'
|
||||||
SWIFT_SERVICE_PROJECT_NAME = 'service'
|
|
||||||
DEFAULT_KERNEL_OPTIONS = constants.SYSTEM_SECURITY_FEATURE_SPECTRE_MELTDOWN_DEFAULT_OPTS
|
DEFAULT_KERNEL_OPTIONS = constants.SYSTEM_SECURITY_FEATURE_SPECTRE_MELTDOWN_DEFAULT_OPTS
|
||||||
|
|
||||||
SYSTEM_CONTROLLER_SERVICES = [
|
SYSTEM_CONTROLLER_SERVICES = [
|
||||||
|
@ -127,9 +126,6 @@ class BasePuppet(object):
|
||||||
system = self._get_system()
|
system = self._get_system()
|
||||||
return system.region_name
|
return system.region_name
|
||||||
|
|
||||||
def _get_swift_service_project_name(self):
|
|
||||||
return self.SWIFT_SERVICE_PROJECT_NAME
|
|
||||||
|
|
||||||
def _get_service_project_name(self):
|
def _get_service_project_name(self):
|
||||||
if self.dbapi is None:
|
if self.dbapi is None:
|
||||||
return self.DEFAULT_SERVICE_PROJECT_NAME
|
return self.DEFAULT_SERVICE_PROJECT_NAME
|
||||||
|
|
|
@ -11,10 +11,14 @@ from sysinv.common import constants
|
||||||
from sysinv.common import exception
|
from sysinv.common import exception
|
||||||
from sysinv.common import utils
|
from sysinv.common import utils
|
||||||
from sysinv.common.storage_backend_conf import StorageBackendConfig
|
from sysinv.common.storage_backend_conf import StorageBackendConfig
|
||||||
|
from sysinv.openstack.common import log as logging
|
||||||
from sysinv.helm import common
|
from sysinv.helm import common
|
||||||
|
from sysinv.helm import swift
|
||||||
|
|
||||||
from sysinv.puppet import openstack
|
from sysinv.puppet import openstack
|
||||||
|
|
||||||
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
# NOTE: based on openstack service for providing swift object storage services
|
# NOTE: based on openstack service for providing swift object storage services
|
||||||
# via Ceph RGW
|
# via Ceph RGW
|
||||||
|
@ -81,8 +85,6 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
||||||
ms_bind_ipv6 = (netaddr.IPAddress(mon_0_ip).version ==
|
ms_bind_ipv6 = (netaddr.IPAddress(mon_0_ip).version ==
|
||||||
constants.IPV6_FAMILY)
|
constants.IPV6_FAMILY)
|
||||||
|
|
||||||
ksuser = self._get_service_user_name(self.SERVICE_NAME_RGW)
|
|
||||||
|
|
||||||
skip_osds_during_restore = \
|
skip_osds_during_restore = \
|
||||||
(utils.is_std_system(self.dbapi) and
|
(utils.is_std_system(self.dbapi) and
|
||||||
ceph_backend.task == constants.SB_TASK_RESTORE)
|
ceph_backend.task == constants.SB_TASK_RESTORE)
|
||||||
|
@ -110,17 +112,26 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
||||||
'platform::ceph::params::mon_1_addr': mon_1_addr,
|
'platform::ceph::params::mon_1_addr': mon_1_addr,
|
||||||
'platform::ceph::params::mon_2_addr': mon_2_addr,
|
'platform::ceph::params::mon_2_addr': mon_2_addr,
|
||||||
|
|
||||||
'platform::ceph::params::rgw_admin_user':
|
'platform::ceph::params::rgw_enabled':
|
||||||
ksuser,
|
self._is_radosgw_enabled(),
|
||||||
'platform::ceph::params::rgw_admin_domain':
|
'platform::ceph::rgw::keystone::swift_endpts_enabled': False,
|
||||||
|
'platform::ceph::rgw::keystone::rgw_admin_user':
|
||||||
|
self._get_service_user_name(self.SERVICE_NAME_RGW),
|
||||||
|
'platform::ceph::rgw::keystone::rgw_admin_password':
|
||||||
|
self._get_service_password(self.SERVICE_NAME_RGW),
|
||||||
|
'platform::ceph::rgw::keystone::rgw_admin_domain':
|
||||||
self._get_service_user_domain_name(),
|
self._get_service_user_domain_name(),
|
||||||
'platform::ceph::params::rgw_admin_project':
|
'platform::ceph::rgw::keystone::rgw_admin_project':
|
||||||
self._get_service_tenant_name(),
|
self._get_service_tenant_name(),
|
||||||
'platform::ceph::params::skip_osds_during_restore':
|
'platform::ceph::params::skip_osds_during_restore':
|
||||||
skip_osds_during_restore,
|
skip_osds_during_restore,
|
||||||
}
|
}
|
||||||
|
|
||||||
if utils.is_openstack_applied(self.dbapi):
|
if (utils.is_openstack_applied(self.dbapi) and
|
||||||
|
utils.is_chart_enabled(self.dbapi,
|
||||||
|
constants.HELM_APP_OPENSTACK,
|
||||||
|
common.HELM_CHART_SWIFT,
|
||||||
|
common.HELM_NS_OPENSTACK)):
|
||||||
app = self.dbapi.kube_app_get(constants.HELM_APP_OPENSTACK)
|
app = self.dbapi.kube_app_get(constants.HELM_APP_OPENSTACK)
|
||||||
override = self.dbapi.helm_override_get(
|
override = self.dbapi.helm_override_get(
|
||||||
app.id,
|
app.id,
|
||||||
|
@ -130,13 +141,19 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
||||||
self.SERVICE_NAME_RGW, None)
|
self.SERVICE_NAME_RGW, None)
|
||||||
if password:
|
if password:
|
||||||
swift_auth_password = password.encode('utf8', 'strict')
|
swift_auth_password = password.encode('utf8', 'strict')
|
||||||
config['platform::ceph::params::rgw_service_password'] = \
|
config.update(
|
||||||
swift_auth_password
|
{'platform::ceph::rgw::keystone::swift_endpts_enabled':
|
||||||
|
True})
|
||||||
config['platform::ceph::params::rgw_service_domain'] = \
|
config.pop('platform::ceph::rgw::keystone::rgw_admin_user')
|
||||||
self._get_swift_service_user_domain_name()
|
config.update({'platform::ceph::rgw::keystone::rgw_admin_password':
|
||||||
config['platform::ceph::params::rgw_service_project'] = \
|
swift_auth_password})
|
||||||
self._get_swift_service_tenant_name()
|
config.update({'platform::ceph::rgw::keystone::rgw_admin_domain':
|
||||||
|
swift.RADOSGW_SERVICE_DOMAIN_NAME})
|
||||||
|
config.update({'platform::ceph::rgw::keystone::rgw_admin_project':
|
||||||
|
swift.RADOSGW_SERVICE_PROJECT_NAME})
|
||||||
|
else:
|
||||||
|
raise exception.SysinvException(
|
||||||
|
"Unable to retreive containerized swift auth password")
|
||||||
|
|
||||||
return config
|
return config
|
||||||
|
|
||||||
|
@ -274,3 +291,25 @@ class CephPuppet(openstack.OpenstackBasePuppet):
|
||||||
if ceph_mons:
|
if ceph_mons:
|
||||||
return ceph_mons[0]
|
return ceph_mons[0]
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
def _is_radosgw_enabled(self):
|
||||||
|
enabled = False
|
||||||
|
try:
|
||||||
|
radosgw_enabled = self.dbapi.service_parameter_get_one(
|
||||||
|
service=constants.SERVICE_TYPE_RADOSGW,
|
||||||
|
section=constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||||
|
name=constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED)
|
||||||
|
if radosgw_enabled and radosgw_enabled.value.lower() == 'true':
|
||||||
|
enabled = True
|
||||||
|
except exception.NotFound:
|
||||||
|
LOG.error("Service parameter not found: %s/%s/%s" %
|
||||||
|
(constants.SERVICE_TYPE_RADOSGW,
|
||||||
|
constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||||
|
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED))
|
||||||
|
|
||||||
|
except exception.MultipleResults:
|
||||||
|
LOG.error("Multiple service parameters found for %s/%s/%s" %
|
||||||
|
(constants.SERVICE_TYPE_RADOSGW,
|
||||||
|
constants.SERVICE_PARAM_SECTION_RADOSGW_CONFIG,
|
||||||
|
constants.SERVICE_PARAM_NAME_RADOSGW_SERVICE_ENABLED))
|
||||||
|
return enabled
|
||||||
|
|
|
@ -31,7 +31,6 @@ class KeystonePuppet(openstack.OpenstackBasePuppet):
|
||||||
ADMIN_USER = 'admin'
|
ADMIN_USER = 'admin'
|
||||||
|
|
||||||
DEFAULT_DOMAIN_NAME = 'Default'
|
DEFAULT_DOMAIN_NAME = 'Default'
|
||||||
SWIFT_DOMAIN_NAME = 'service'
|
|
||||||
|
|
||||||
def _region_config(self):
|
def _region_config(self):
|
||||||
# A wrapper over the Base region_config check.
|
# A wrapper over the Base region_config check.
|
||||||
|
@ -299,9 +298,6 @@ class KeystonePuppet(openstack.OpenstackBasePuppet):
|
||||||
return service_config.capabilities.get('admin_project_domain')
|
return service_config.capabilities.get('admin_project_domain')
|
||||||
return self.DEFAULT_DOMAIN_NAME
|
return self.DEFAULT_DOMAIN_NAME
|
||||||
|
|
||||||
def get_swift_service_user_domain(self):
|
|
||||||
return self.SWIFT_DOMAIN_NAME
|
|
||||||
|
|
||||||
def get_service_user_domain(self):
|
def get_service_user_domain(self):
|
||||||
if self._region_config():
|
if self._region_config():
|
||||||
service_config = self._get_service_config(self.SERVICE_NAME)
|
service_config = self._get_service_config(self.SERVICE_NAME)
|
||||||
|
|
|
@ -160,9 +160,6 @@ class OpenstackBasePuppet(base.BasePuppet):
|
||||||
|
|
||||||
return self._region_name()
|
return self._region_name()
|
||||||
|
|
||||||
def _get_swift_service_tenant_name(self):
|
|
||||||
return self._get_swift_service_project_name()
|
|
||||||
|
|
||||||
def _get_service_tenant_name(self):
|
def _get_service_tenant_name(self):
|
||||||
return self._get_service_project_name()
|
return self._get_service_project_name()
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue