Enable Swift on controllers
Enable Swift on controllers to provide low-capacity object storage for users who don't want to rely on the Swift-over-Ceph solution. Swift can be turned on after config_controller by CLI: system service-parameter-modify swift config service_enabled=true system service-parameter-modify swift config fs_size_mb=50 (optional) system service-parameter-apply swift By default the filesystem size is 25MB. Users can optionally modify the size before issuing service-parameter-apply: system service-parameter-modify swift config fs_size_mb=50 Story: 2003518 Task: 24793 Depends-On: https://review.openstack.org/595330 Change-Id: Ic28a2c21ee0823ce55b5d1f0e1123a418d20be04 Signed-off-by: Jack Ding <jack.ding@windriver.com>
This commit is contained in:
parent
ec20cd1580
commit
adcf76c9b3
|
@ -125,6 +125,10 @@ include ::platform::dcmanager::api
|
|||
include ::platform::dcorch::snmp
|
||||
|
||||
include ::platform::smapi
|
||||
|
||||
include ::openstack::swift
|
||||
include ::openstack::swift::api
|
||||
|
||||
include ::platform::sm
|
||||
|
||||
class { '::platform::config::controller::post':
|
||||
|
|
|
@ -0,0 +1,131 @@
|
|||
class openstack::swift::params (
|
||||
$swift_hash_path_suffix = 'swift_secret',
|
||||
$service_name = 'openstack-swift',
|
||||
$service_enabled = false,
|
||||
$api_port = 8080,
|
||||
$api_host = '127.0.0.1',
|
||||
$fs_size_mb = '25',
|
||||
) { }
|
||||
|
||||
|
||||
class openstack::swift::firewall
|
||||
inherits ::openstack::swift::params {
|
||||
|
||||
platform::firewall::rule { 'swift-api':
|
||||
service_name => 'swift',
|
||||
ports => $api_port,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
class openstack::swift::haproxy
|
||||
inherits ::openstack::swift::params {
|
||||
|
||||
platform::haproxy::proxy { 'swift-restapi':
|
||||
server_name => 's-swift',
|
||||
public_port => $api_port,
|
||||
private_port => $api_port,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
class openstack::swift::api {
|
||||
include ::openstack::swift::firewall
|
||||
include ::openstack::swift::haproxy
|
||||
}
|
||||
|
||||
|
||||
class openstack::swift
|
||||
inherits ::openstack::swift::params {
|
||||
|
||||
include ::platform::params
|
||||
include ::openstack::keystone::params
|
||||
|
||||
if $service_enabled {
|
||||
if str2bool($::is_controller_active) or
|
||||
str2bool($::is_standalone_controller) {
|
||||
class { '::swift::keystone::auth':
|
||||
configure_s3_endpoint => false,
|
||||
}
|
||||
}
|
||||
|
||||
class { '::swift':
|
||||
swift_hash_path_suffix => $swift_hash_path_suffix
|
||||
}
|
||||
|
||||
include swift::proxy::healthcheck
|
||||
include swift::proxy::proxy_logging
|
||||
include swift::proxy::authtoken
|
||||
include swift::proxy::keystone
|
||||
include swift::proxy::container_quotas
|
||||
class { 'swift::proxy':
|
||||
account_autocreate => true,
|
||||
proxy_local_net_ip => $api_host,
|
||||
port => $api_port,
|
||||
pipeline => ['healthcheck', 'authtoken', 'keystone', 'container-quotas' , 'proxy-logging', 'proxy-server'],
|
||||
}
|
||||
|
||||
swift::storage::loopback { '1':
|
||||
require => Class['swift'],
|
||||
base_dir => '/srv/loopback-device',
|
||||
mnt_base_dir => '/srv/node',
|
||||
byte_size => '1024',
|
||||
seek => $fs_size_mb*1024,
|
||||
}
|
||||
|
||||
# remove dependency on xinetd
|
||||
class { '::rsync::server':
|
||||
use_xinetd => false,
|
||||
address => $api_host,
|
||||
use_chroot => 'no',
|
||||
}
|
||||
|
||||
class { 'swift::storage::all':
|
||||
storage_local_net_ip => $api_host,
|
||||
object_port => '6200',
|
||||
container_port => '6201',
|
||||
account_port => '6202',
|
||||
account_pipeline => ['healthcheck', 'recon', 'account-server'],
|
||||
container_pipeline => ['healthcheck', 'recon', 'container-server'],
|
||||
object_pipeline => ['healthcheck', 'recon', 'object-server'],
|
||||
# Turn on support for object versioning
|
||||
allow_versions => true,
|
||||
}
|
||||
|
||||
$rings = [
|
||||
'account',
|
||||
'object',
|
||||
'container']
|
||||
swift::storage::filter::recon { $rings: }
|
||||
swift::storage::filter::healthcheck { $rings: }
|
||||
|
||||
ring_object_device { "${api_host}:6200/1":
|
||||
region => 1, # optional, defaults to 1
|
||||
zone => 1,
|
||||
weight => 1,
|
||||
}
|
||||
|
||||
ring_container_device { "${api_host}:6201/1":
|
||||
zone => 1,
|
||||
weight => 1,
|
||||
}
|
||||
|
||||
ring_account_device { "${api_host}:6202/1":
|
||||
zone => 1,
|
||||
weight => 1,
|
||||
}
|
||||
|
||||
class { 'swift::ringbuilder':
|
||||
part_power => '10',
|
||||
# number of replicas can not be more than the number of nodes
|
||||
replicas => '1',
|
||||
min_part_hours => '1',
|
||||
require => Class['swift'],
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
class openstack::swift::runtime {
|
||||
include ::openstack::swift
|
||||
}
|
|
@ -153,6 +153,7 @@ class platform::haproxy::runtime {
|
|||
include ::openstack::ironic::haproxy
|
||||
include ::openstack::panko::haproxy
|
||||
include ::openstack::gnocchi::haproxy
|
||||
include ::openstack::swift::haproxy
|
||||
|
||||
class {'::platform::haproxy::reload':
|
||||
stage => post
|
||||
|
|
|
@ -69,7 +69,8 @@ systemconfig.puppet_plugins =
|
|||
029_kubernetes = sysinv.puppet.kubernetes:KubernetesPuppet
|
||||
030_smapi = sysinv.puppet.smapi:SmPuppet
|
||||
031_fm = sysinv.puppet.fm:FmPuppet
|
||||
032_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet
|
||||
032_swift = sysinv.puppet.swift:SwiftPuppet
|
||||
033_service_parameter = sysinv.puppet.service_parameter:ServiceParamPuppet
|
||||
|
||||
[pbr]
|
||||
autodoc_index_modules = True
|
||||
|
|
|
@ -947,7 +947,9 @@ def _update_pool_quotas(storceph):
|
|||
|
||||
|
||||
def _check_object_gateway_install():
|
||||
# Ensure we have the required number of monitors
|
||||
api_helper.check_minimal_number_of_controllers(2)
|
||||
api_helper.check_swift_enabled()
|
||||
|
||||
|
||||
def _patch(storceph_uuid, patch):
|
||||
|
@ -1114,7 +1116,6 @@ def _patch(storceph_uuid, patch):
|
|||
# attribute and DB column. This should be driven by if the service
|
||||
# is added to the services list
|
||||
if object_gateway_install:
|
||||
# Ensure we have the required number of monitors
|
||||
_check_object_gateway_install()
|
||||
|
||||
# Update current ceph storage object again for object_gateway delta adjustments
|
||||
|
|
|
@ -581,6 +581,21 @@ class SBApiHelper(object):
|
|||
min_number
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def check_swift_enabled():
|
||||
try:
|
||||
swift_enabled = pecan.request.dbapi.service_parameter_get_one(
|
||||
service=constants.SERVICE_TYPE_SWIFT,
|
||||
section=constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG,
|
||||
name=constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED)
|
||||
if swift_enabled:
|
||||
raise wsme.exc.ClientSideError(
|
||||
"Swift is already enabled through service parameter.")
|
||||
except exception.SysinvException:
|
||||
raise wsme.exc.ClientSideError(
|
||||
"Failed to check if Swift is already enabled through service "
|
||||
"parameter.")
|
||||
|
||||
@staticmethod
|
||||
def getListFromServices(be_dict):
|
||||
return [] if be_dict['services'] is None else be_dict['services'].split(',')
|
||||
|
|
|
@ -975,6 +975,11 @@ SERVICE_PARAM_SECTION_AODH_DATABASE = "database"
|
|||
SERVICE_PARAM_NAME_AODH_DATABASE_ALARM_HISTORY_TIME_TO_LIVE = "alarm_history_time_to_live"
|
||||
SERVICE_PARAM_AODH_DATABASE_ALARM_HISTORY_TIME_TO_LIVE_DEFAULT = PM_TTL_DEFAULT
|
||||
|
||||
SERVICE_PARAM_SECTION_SWIFT_CONFIG = 'config'
|
||||
SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED = 'service_enabled'
|
||||
SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB = 'fs_size_mb'
|
||||
# default filesystem size to 25 MB
|
||||
SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT = 25
|
||||
|
||||
# TIS part number, CPE = combined load, STD = standard load
|
||||
TIS_STD_BUILD = 'Standard'
|
||||
|
|
|
@ -21,7 +21,9 @@ import urlparse
|
|||
|
||||
from sysinv.common import constants
|
||||
from sysinv.common import exception
|
||||
from sysinv.common.storage_backend_conf import StorageBackendConfig
|
||||
from sysinv.common import utils as cutils
|
||||
from sysinv.db import api as db_api
|
||||
from sysinv.openstack.common import log
|
||||
from sysinv.openstack.common.gettextutils import _
|
||||
|
||||
|
@ -588,6 +590,18 @@ def _rpm_pkg_is_installed(pkg_name):
|
|||
return (sum > 0)
|
||||
|
||||
|
||||
def _validate_swift_enabled(name, value):
|
||||
_validate_boolean(name, value)
|
||||
if not value:
|
||||
return
|
||||
dbapi = db_api.get_instance()
|
||||
ceph_backend = StorageBackendConfig.get_backend_conf(
|
||||
dbapi, constants.CINDER_BACKEND_CEPH)
|
||||
if ceph_backend and ceph_backend.object_gateway:
|
||||
raise wsme.exc.ClientSideError(_(
|
||||
"Swift API is already supported by Ceph Object Gateway."))
|
||||
|
||||
|
||||
# LDAP Identity Service Parameters (mandatory)
|
||||
SERVICE_PARAM_IDENTITY_LDAP_URL = 'url'
|
||||
|
||||
|
@ -1368,6 +1382,29 @@ AODH_PARAMETER_RESOURCE = {
|
|||
'aodh::alarm_history_time_to_live',
|
||||
}
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_MANDATORY = [
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED,
|
||||
]
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB,
|
||||
]
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_VALIDATOR = {
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: _validate_swift_enabled,
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB: _validate_integer,
|
||||
}
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_RESOURCE = {
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED:
|
||||
'openstack::swift::params::service_enabled',
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB:
|
||||
'openstack::swift::params::fs_size_mb',
|
||||
}
|
||||
|
||||
SWIFT_CONFIG_PARAMETER_DATA_FORMAT = {
|
||||
constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED: SERVICE_PARAMETER_DATA_FORMAT_BOOLEAN,
|
||||
}
|
||||
|
||||
# Service Parameter Schema
|
||||
SERVICE_PARAM_MANDATORY = 'mandatory'
|
||||
|
@ -1536,6 +1573,15 @@ SERVICE_PARAMETER_SCHEMA = {
|
|||
SERVICE_PARAM_RESOURCE: AODH_PARAMETER_RESOURCE,
|
||||
},
|
||||
},
|
||||
constants.SERVICE_TYPE_SWIFT: {
|
||||
constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG: {
|
||||
SERVICE_PARAM_MANDATORY: SWIFT_CONFIG_PARAMETER_MANDATORY,
|
||||
SERVICE_PARAM_OPTIONAL: SWIFT_CONFIG_PARAMETER_OPTIONAL,
|
||||
SERVICE_PARAM_VALIDATOR: SWIFT_CONFIG_PARAMETER_VALIDATOR,
|
||||
SERVICE_PARAM_RESOURCE: SWIFT_CONFIG_PARAMETER_RESOURCE,
|
||||
SERVICE_PARAM_DATA_FORMAT: SWIFT_CONFIG_PARAMETER_DATA_FORMAT,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
SERVICE_PARAMETER_MAX_LENGTH = 255
|
||||
|
|
|
@ -497,6 +497,14 @@ class ConductorManager(service.PeriodicService):
|
|||
'section': constants.SERVICE_PARAM_SECTION_PLATFORM_SYSINV,
|
||||
'name': constants.SERVICE_PARAM_NAME_SYSINV_FIREWALL_RULES_ID,
|
||||
'value': None},
|
||||
{'service': constants.SERVICE_TYPE_SWIFT,
|
||||
'section': constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG,
|
||||
'name': constants.SERVICE_PARAM_NAME_SWIFT_SERVICE_ENABLED,
|
||||
'value': False},
|
||||
{'service': constants.SERVICE_TYPE_SWIFT,
|
||||
'section': constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG,
|
||||
'name': constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB,
|
||||
'value': constants.SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT},
|
||||
]
|
||||
|
||||
def _create_default_service_parameter(self):
|
||||
|
@ -6895,6 +6903,14 @@ class ConductorManager(service.PeriodicService):
|
|||
}
|
||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||
|
||||
elif service == constants.SERVICE_TYPE_SWIFT:
|
||||
personalities = [constants.CONTROLLER]
|
||||
config_dict = {
|
||||
"personalities": personalities,
|
||||
"classes": ['openstack::swift::runtime']
|
||||
}
|
||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||
|
||||
def update_security_feature_config(self, context):
|
||||
"""Update the kernel options configuration"""
|
||||
personalities = constants.PERSONALITIES
|
||||
|
|
|
@ -0,0 +1,56 @@
|
|||
#
|
||||
# Copyright (c) 2018 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
|
||||
from . import openstack
|
||||
|
||||
|
||||
class SwiftPuppet(openstack.OpenstackBasePuppet):
|
||||
"""Class to encapsulate puppet operations for Swift configuration"""
|
||||
|
||||
SERVICE_NAME = 'swift'
|
||||
SERVICE_PORT = 8080
|
||||
SERVICE_PATH = 'v1/AUTH_%(tenant_id)s'
|
||||
|
||||
def get_secure_static_config(self):
|
||||
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||
|
||||
return {
|
||||
'swift::keystone::auth::password': kspass,
|
||||
'swift::proxy::authtoken::password': kspass,
|
||||
}
|
||||
|
||||
def get_system_config(self):
|
||||
ksuser = self._get_service_user_name(self.SERVICE_NAME)
|
||||
|
||||
config = {
|
||||
'openstack::swift::params::api_host':
|
||||
self._get_management_address(),
|
||||
'swift::keystone::auth::region':
|
||||
self._get_service_region_name(self.SERVICE_NAME),
|
||||
'swift::keystone::auth::auth_name': ksuser,
|
||||
'swift::keystone::auth::tenant': self._get_service_tenant_name(),
|
||||
'swift::keystone::auth::public_url': self.get_public_url(),
|
||||
'swift::keystone::auth::internal_url': self.get_internal_url(),
|
||||
'swift::keystone::auth::admin_url': self.get_admin_url(),
|
||||
'swift::proxy::authtoken::auth_uri': self._keystone_auth_uri(),
|
||||
'swift::proxy::authtoken::auth_url': self._keystone_identity_uri(),
|
||||
'swift::proxy::authtoken::project_name':
|
||||
self._get_service_tenant_name(),
|
||||
'swift::proxy::authtoken::username': ksuser,
|
||||
}
|
||||
return config
|
||||
|
||||
def get_public_url(self):
|
||||
return self._format_public_endpoint(self.SERVICE_PORT,
|
||||
path=self.SERVICE_PATH)
|
||||
|
||||
def get_internal_url(self):
|
||||
return self._format_private_endpoint(self.SERVICE_PORT,
|
||||
path=self.SERVICE_PATH)
|
||||
|
||||
def get_admin_url(self):
|
||||
return self._format_private_endpoint(self.SERVICE_PORT)
|
Loading…
Reference in New Issue