Add Cinder service

Ceph only.

Example conf:

configs:
  ceph:
    fsid: "afca8524-2c47-4b81-a0b7-2300e62212f9"
    mon_host: "IP OF CEPH MON NODE"
  cinder:
    enable: true
    key: "AQCeQ+5XUCgdDBAARRl6lx8Lze9wwf2IzCgBnA=="
    rbd_secret_uuid: "b416770d-f3d4-4ac9-b6db-b6a7ac1c61c0"

Change-Id: I31fde6e2beaf6303fef7188eb2c859beb90567ab
This commit is contained in:
Proskurin Kirill 2016-09-23 14:10:31 +00:00
parent bee0302b7b
commit 088c2658e5
17 changed files with 352 additions and 0 deletions

68
.gitignore vendored Normal file
View File

@ -0,0 +1,68 @@
*.py[cod]
# C extensions
*.so
# Packages
*.egg
*.egg-info
dist
build
.eggs
eggs
parts
bin
var
sdist
develop-eggs
.installed.cfg
lib
lib64
# Installer logs
pip-log.txt
# Unit test / coverage reports
.coverage
cover
.tox
nosetests.xml
.testrepository
.venv
# Translations
*.mo
# Mr Developer
.mr.developer.cfg
.project
.pydevproject
# Complexity
output/*.html
output/*/index.html
# Sphinx
doc/build
# oslo-config-generator
etc/*.sample
# pbr generates these
AUTHORS
ChangeLog
# Editors
*~
.*.swp
.*sw?
# Vagrant
.vagrant
vagrant/Vagrantfile.custom
vagrant/vagrantkey*
# generated openrc
openrc
tests/.cache*

View File

@ -0,0 +1,6 @@
FROM {{ image_spec("cinder-base") }}
MAINTAINER {{ maintainer }}
RUN apt-get install -y --no-install-recommends mysql-client
USER cinder

View File

@ -0,0 +1,18 @@
FROM {{ image_spec("openstack-base") }}
MAINTAINER {{ maintainer }}
COPY sources.list.debian /etc/apt/sources.list.d/ceph.list
{{ copy_sources("openstack/cinder", "/cinder") }}
RUN useradd --user-group -G microservices cinder \
&& apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 460F3994 \
&& /var/lib/microservices/venv/bin/pip install --upgrade /cinder \
&& mkdir -p /etc/cinder /var/lib/cinder /home/cinder \
&& cp -r /cinder/etc/cinder/* /etc/cinder/ \
&& chown -R cinder: /etc/cinder /var/lib/cinder /home/cinder \
&& sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/microservices/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/cinder/rootwrap.conf
COPY cinder_sudoers /etc/sudoers.d/cinder_sudoers
RUN chmod 750 /etc/sudoers.d \
&& chmod 440 /etc/sudoers.d/cinder_sudoers

View File

@ -0,0 +1 @@
cinder ALL = (root) NOPASSWD: /var/lib/microservices/venv/bin/cinder-rootwrap /etc/cinder/rootwrap.conf *

View File

@ -0,0 +1 @@
deb http://download.ceph.com/debian-jewel jessie main

View File

@ -0,0 +1,4 @@
FROM {{ image_spec("cinder-base") }}
MAINTAINER {{ maintainer }}
USER cinder

View File

@ -0,0 +1,14 @@
FROM {{ image_spec("cinder-base") }}
MAINTAINER {{ maintainer }}
RUN apt-get update \
&& apt-get install -y --no-install-recommends qemu-utils ceph-common python-ceph python-rados \
&& apt-get clean \
&& mkdir -p /etc/ceph \
&& chown -R cinder: /etc/ceph \
&& ln -s /usr/lib/python2.7/dist-packages/rados.so /var/lib/microservices/venv/local/lib/python2.7/site-packages/rados.so \
&& ln -s /usr/lib/python2.7/dist-packages/rados-0.egg-info /var/lib/microservices/venv/local/lib/python2.7/site-packages/rados-0.egg-info \
&& ln -s /usr/lib/python2.7/dist-packages/rbd-0.egg-info /var/lib/microservices/venv/local/lib/python2.7/site-packages/rbd-0.egg-info \
&& ln -s /usr/lib/python2.7/dist-packages/rbd.so /var/lib/microservices/venv/local/lib/python2.7/site-packages/rbd.so
USER cinder

67
service/cinder-api.yaml Normal file
View File

@ -0,0 +1,67 @@
service:
name: cinder-api
ports:
- {{ cinder.api_port }}
containers:
- name: cinder-api
image: cinder-api
probes:
readiness: "true"
liveness: "true"
pre:
- name: cinder-db-create
dependencies:
- mariadb
type: single
command:
mysql -u root -p{{ keystone.db.password }} -h mariadb -e "create database {{ cinder.db.name }};
grant all privileges on {{ cinder.db.name }}.* to '{{ cinder.db.username }}'@'%' identified by '{{ cinder.db.password }}';"
- name: cinder-db-sync
files:
- cinder-conf
dependencies:
- cinder-db-create
type: single
command: cinder-manage db sync
- name: cinder-user-create
dependencies:
- keystone
type: single
command: openstack user create --domain default --password {{ cinder.password }} {{ cinder.username }}
- name: cinder-role-add
dependencies:
- cinder-user-create
type: single
command: openstack role add --project service --user {{ cinder.username }} admin
- name: cinder-service-create
dependencies:
- keystone
type: single
command: openstack service create --name cinder --description "OpenStack Cinder Service" volumev2
- name: cinder-public-endpoint-create
dependencies:
- cinder-service-create
type: single
command: openstack endpoint create --region RegionOne volumev2 public http://{{ address('cinder-api') }}:{{ cinder.api_port }}/v2/%\(tenant_id\)s
- name: cinder-internal-endpoint-create
dependencies:
- cinder-service-create
type: single
command: openstack endpoint create --region RegionOne volumev2 internal http://{{ address('cinder-api') }}:{{ cinder.api_port }}/v2/%\(tenant_id\)s
- name: cinder-admin-endpoint-create
dependencies:
- cinder-service-create
type: single
command: openstack endpoint create --region RegionOne volumev2 admin http://{{ address('cinder-api') }}:{{ cinder.api_port }}/v2/%\(tenant_id\)s
daemon:
command: cinder-api --config-file /etc/cinder/cinder.conf
files:
- cinder-conf
dependencies:
- memcached
- rabbitmq
files:
cinder-conf:
path: /etc/cinder/cinder.conf
content: cinder.conf.j2

View File

@ -0,0 +1,18 @@
service:
name: cinder-scheduler
containers:
- name: cinder-scheduler
image: cinder-scheduler
probes:
readiness: "true"
liveness: "true"
daemon:
command: cinder-scheduler --config-file /etc/cinder/cinder.conf
files:
- cinder-conf
dependencies:
- cinder-api
files:
cinder-conf:
path: /etc/cinder/cinder.conf
content: cinder.conf.j2

View File

@ -0,0 +1,29 @@
service:
name: cinder-volume
containers:
- name: cinder-volume
image: cinder-volume
privileged: true
probes:
readiness: "true"
liveness: "true"
daemon:
command: cinder-volume --config-file /etc/cinder/cinder.conf
files:
- cinder-conf
# {% if cinder.ceph.enable %}
- ceph-conf
- cinder-ceph-key
# {% endif %}
dependencies:
- cinder-api
files:
cinder-conf:
path: /etc/cinder/cinder.conf
content: cinder.conf.j2
ceph-conf:
path: /etc/ceph/ceph.conf
content: ceph.conf.j2
cinder-ceph-key:
path: /etc/ceph/ceph.client.cinder.keyring
content: ceph.client.cinder.keyring.j2

View File

@ -0,0 +1,3 @@
[client.cinder]
key = {{ cinder.ceph.key }}

View File

@ -0,0 +1,7 @@
[global]
fsid = {{ ceph.fsid }}
mon_host = {{ ceph.mon_host }}
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx

View File

@ -0,0 +1,56 @@
[DEFAULT]
debug = {{ cinder.debug }}
use_forwarded_for = True
use_stderr = True
volume_name_template = volume-%s
glance_api_servers = {{ address('glance-api') }}:{{ glance.api_port }}
glance_num_retries = 3
glance_api_version = 2
os_region_name = RegionOne
enabled_backends = {{ cinder.enabled_backends }}
osapi_volume_listen = {{ network_topology["private"]["address"] }}
osapi_volume_listen_port = {{ cinder.api_port }}
api_paste_config = /etc/cinder/api-paste.ini
nova_catalog_info = compute:nova:internalURL
glance_catalog_info = image:glance:internalURL
auth_strategy = keystone
transport_url=rabbit://{{ rabbitmq.user }}:{{ rabbitmq.password }}@{{ address('rabbitmq') }}
[database]
connection = mysql+pymysql://{{ cinder.db.username }}:{{ cinder.db.password }}@{{ address('mariadb') }}/{{ cinder.db.name }}
max_retries = -1
[keystone_authtoken]
auth_version = v3
auth_uri = http://{{ address('keystone') }}:{{ keystone.public_port }}/v3
auth_url = http://{{ address('keystone') }}:{{ keystone.admin_port }}/v3
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = {{ cinder.username }}
password = {{ cinder.password }}
memcached_servers = {{ address('memcached') }}:{{ memcached.port }}
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
{% if cinder.ceph.enable %}
[rbd]
volume_driver = cinder.volume.drivers.rbd.RBDDriver
rbd_user = {{ cinder.ceph.username }}
rbd_secret_uuid = {{ cinder.ceph.rbd_secret_uuid }}
rbd_pool = {{ cinder.ceph.pool_name }}
rbd_ceph_conf = /etc/ceph/ceph.conf
{% endif %}
[privsep_entrypoint]
helper_command=sudo cinder-rootwrap /etc/cinder/rootwrap.conf privsep-helper --config-file /etc/cinder/cinder.conf

View File

@ -0,0 +1,25 @@
configs:
cinder:
api_port: 8776
debug: false
username: "cinder"
password: "password"
enabled_backends: "rbd"
db:
name: "cinder"
username: "cinder"
password: "password"
ceph:
enable: false
key: "Changeme"
username: "cinder"
pool_name: "volumes"
backup_pool_name: "backup"
rbd_secret_uuid: "Changeme"
sources:
openstack/cinder:
git_url: https://github.com/openstack/cinder.git
git_ref: stable/newton

5
tools/yamllint.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
set -ex
workdir=$(dirname $0)
yamllint -c $workdir/yamllint.yaml $(find . -not -path '*/\.*' -type f -name '*.yaml')

21
tools/yamllint.yaml Normal file
View File

@ -0,0 +1,21 @@
extends: default
rules:
braces:
max-spaces-inside: 1
comments:
level: error
comments-indentation:
level: warning
document-end:
present: no
document-start:
level: error
present: no
empty-lines:
max: 1
max-start: 0
max-end: 0
line-length:
level: warning
max: 120

9
tox.ini Normal file
View File

@ -0,0 +1,9 @@
[tox]
minversion = 1.6
envlist = linters
skipsdist = True
[testenv:linters]
deps = yamllint
commands =
{toxinidir}/tools/yamllint.sh