Massive refactoring of Cinder cookbook
* Updates the attributes to align with openstack-common and the other AT&T-standardized OpenStack cookbooks * Splits the single server recipe out into recipes for common, api, setup, volume and scheduler so that nodes can get the Cinder API, Cinder Scheduler and/or Cinder Volume service installed separately * Pull in the isci and tgt packages, matching RCBOps volume recipe
This commit is contained in:
parent
a87067fb4e
commit
fe9993cdc9
|
@ -0,0 +1 @@
|
|||
*.swp
|
98
README.md
98
README.md
|
@ -1,4 +1,96 @@
|
|||
cinder
|
||||
======
|
||||
Description
|
||||
===========
|
||||
|
||||
Chef cookbook for deploying the OpenStack Advanced Volume Management service Cinder.
|
||||
Installs the Openstack volume service (codename: cinder) from packages.
|
||||
|
||||
http://cinder.openstack.org
|
||||
|
||||
Requirements
|
||||
============
|
||||
|
||||
Chef 0.10.0 or higher required (for Chef environment use).
|
||||
|
||||
Platforms
|
||||
--------
|
||||
|
||||
* Ubuntu-12.04
|
||||
* Fedora-17
|
||||
|
||||
Cookbooks
|
||||
---------
|
||||
|
||||
The following cookbooks are dependencies:
|
||||
|
||||
* apt
|
||||
* database
|
||||
* glance
|
||||
* keystone
|
||||
* mysql
|
||||
* openssh
|
||||
* rabbitmq
|
||||
* selinux (Fedora)
|
||||
* openstack-common
|
||||
* openstack-utils
|
||||
|
||||
Recipes
|
||||
=======
|
||||
|
||||
api
|
||||
----
|
||||
- Installs the cinder-api, sets up the cinder database,
|
||||
and cinder service/user/endpoints in keystone
|
||||
|
||||
scheduler
|
||||
----
|
||||
- Installs the cinder-scheduler service
|
||||
|
||||
volume
|
||||
----
|
||||
- Installs the cinder-volume service and sets up the iscsi helper
|
||||
|
||||
|
||||
Attributes
|
||||
==========
|
||||
|
||||
* `cinder["db"]["name"]` - name of database to create for cinder
|
||||
* `cinder["db"]["username"]` - cinder username for database
|
||||
* `cinder["service_tenant_name"]` - name of tenant to use for the cinder service account in keystone
|
||||
* `cinder["service_user"]` - cinder service user in keystone
|
||||
* `cinder["service_role"]` - role for the cinder service user in keystone
|
||||
* `cinder["syslog"]["use"]`
|
||||
* `cinder["syslog"]["facility"]`
|
||||
* `cinder["syslog"]["config_facility"]`
|
||||
* `cinder["platform"]` = hash of platform specific package/service names and options
|
||||
|
||||
Templates
|
||||
=====
|
||||
* `api-paste.ini.erb` - Paste config for cinder API middleware
|
||||
* `cinder.conf.erb` - Basic cinder.conf file
|
||||
* `targets.conf.erb` - config file for tgt (iscsi target software)
|
||||
|
||||
License and Author
|
||||
==================
|
||||
|
||||
Author:: Justin Shepherd (<justin.shepherd@rackspace.com>)
|
||||
Author:: Jason Cannavale (<jason.cannavale@rackspace.com>)
|
||||
Author:: Ron Pedde (<ron.pedde@rackspace.com>)
|
||||
Author:: Joseph Breu (<joseph.breu@rackspace.com>)
|
||||
Author:: William Kelly (<william.kelly@rackspace.com>)
|
||||
Author:: Darren Birkett (<darren.birkett@rackspace.co.uk>)
|
||||
Author:: Evan Callicoat (<evan.callicoat@rackspace.com>)
|
||||
Author:: Jay Pipes (<jaypipes@gmail.com>)
|
||||
|
||||
Copyright 2012, Rackspace US, Inc.
|
||||
Copyright 2012, AT&T, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
|
|
|
@ -23,44 +23,71 @@
|
|||
default["developer_mode"] = false # we want secure passwords by default
|
||||
########################################################################
|
||||
|
||||
default["openstack"]["cinder"]["services"]["volume"]["scheme"] = "http"
|
||||
default["openstack"]["cinder"]["services"]["volume"]["network"] = "public"
|
||||
default["openstack"]["cinder"]["services"]["volume"]["port"] = 8776
|
||||
default["openstack"]["cinder"]["services"]["volume"]["path"] = "/v1"
|
||||
# Set to some text value if you want templated config files
|
||||
# to contain a custom banner at the top of the written file
|
||||
default["cinder"]["custom_template_banner"] = "
|
||||
# This file autogenerated by Chef
|
||||
# Do not edit, changes will be overwritten
|
||||
"
|
||||
|
||||
default["cinder"]["services"]["volume"]["scheme"] = "http"
|
||||
default["cinder"]["services"]["volume"]["network"] = "public"
|
||||
default["cinder"]["services"]["volume"]["port"] = 8776
|
||||
default["cinder"]["services"]["volume"]["path"] = "/v1"
|
||||
default["cinder"]["verbose"] = "False"
|
||||
default["cinder"]["debug"] = "False"
|
||||
|
||||
default["openstack"]["cinder"]["db"]["name"] = "cinder"
|
||||
default["openstack"]["cinder"]["db"]["username"] = "cinder"
|
||||
# Availability zone/region for the Cinder service
|
||||
default["cinder"]["region"] = "RegionOne"
|
||||
|
||||
# TODO: These may need to be glance-registry specific.. and looked up by glance-api
|
||||
default["openstack"]["cinder"]["service_tenant_name"] = "service"
|
||||
default["openstack"]["cinder"]["service_user"] = "cinder"
|
||||
default["openstack"]["cinder"]["service_role"] = "admin"
|
||||
# The name of the Chef role that knows about the message queue server
|
||||
# that Cinder uses
|
||||
default["cinder"]["rabbit_server_chef_role"] = "rabbitmq-server"
|
||||
|
||||
# This is the name of the Chef role that will install the Keystone Service API
|
||||
default["cinder"]["keystone_service_chef_role"] = "keystone"
|
||||
|
||||
# This is the name of the Chef role that will install the Glance API
|
||||
default["cinder"]["glance_api_chef_role"] = "glance-api"
|
||||
|
||||
# operating system group name
|
||||
default["cinder"]["group"] = "cinder"
|
||||
# operating system user that services will run under
|
||||
default["cinder"]["user"] = "cinder"
|
||||
|
||||
default["cinder"]["db"]["name"] = "cinder"
|
||||
default["cinder"]["db"]["username"] = "cinder"
|
||||
|
||||
default["cinder"]["service_tenant_name"] = "service"
|
||||
default["cinder"]["service_user"] = "cinder"
|
||||
default["cinder"]["service_role"] = "admin"
|
||||
|
||||
# logging attribute
|
||||
default["openstack"]["cinder"]["syslog"]["use"] = false
|
||||
default["openstack"]["cinder"]["syslog"]["facility"] = "LOG_LOCAL2"
|
||||
default["openstack"]["cinder"]["syslog"]["config_facility"] = "local2"
|
||||
default["cinder"]["syslog"]["use"] = false
|
||||
default["cinder"]["syslog"]["facility"] = "LOG_LOCAL2"
|
||||
default["cinder"]["syslog"]["config_facility"] = "local2"
|
||||
|
||||
default["cinder"]["api"]["ratelimit"] = "True"
|
||||
|
||||
# platform-specific settings
|
||||
case platform
|
||||
when "fedora", "redhat", "centos"
|
||||
default["openstack"]["cinder"]["platform"] = {
|
||||
"mysql_python_packages" => [ "MySQL-python" ],
|
||||
"cinder_packages" => [ "openstack-cinder", "openstack-swift" ],
|
||||
default["cinder"]["platform"] = {
|
||||
"cinder_api_packages" => ["openstack-cinder", "python-cinderclient", "MySQL-python"],
|
||||
"cinder_api_service" => "openstack-cinder-api",
|
||||
"cinder_volume_packages" => ["openstack-cinder", "MySQL-python"],
|
||||
"cinder_volume_service" => "openstack-cinder-volume",
|
||||
"cinder_scheduler_packages" => ["openstack-cinder", "MySQL-python"],
|
||||
"cinder_scheduler_service" => "openstack-cinder-scheduler",
|
||||
"cinder_iscsitarget_packages" => ["scsi-target-utils"],
|
||||
"cinder_iscsitarget_service" => "tgtd",
|
||||
"package_overrides" => ""
|
||||
}
|
||||
when "ubuntu"
|
||||
default["openstack"]["cinder"]["platform"] = {
|
||||
"mysql_python_packages" => [ "python-mysqldb" ],
|
||||
"cinder_packages" => [ "cinder-scheduler", "python-swift", "python-keystoneclient", "cinder-volume", "cinder-api" ],
|
||||
"package_overrides" => "-o Dpkg::Options::='--force-confold' -o Dpkg::Options::='--force-confdef'",
|
||||
default["cinder"]["platform"] = {
|
||||
"cinder_api_packages" => ["cinder-common", "cinder-api", "python-cinderclient", "python-mysqldb"],
|
||||
"cinder_api_service" => "cinder-api",
|
||||
"cinder_volume_packages" => ["cinder-volume", "python-mysqldb"],
|
||||
"cinder_volume_service" => "cinder-volume",
|
||||
"cinder_scheduler_packages" => ["cinder-scheduler", "python-mysqldb"],
|
||||
"cinder_scheduler_service" => "cinder-scheduler",
|
||||
"cinder_volume_service" => "cinder-volume"
|
||||
"cinder_iscsitarget_packages" => ["tgt"],
|
||||
"cinder_iscsitarget_service" => "tgt",
|
||||
"package_overrides" => "-o Dpkg::Options::='--force-confold' -o Dpkg::Options::='--force-confdef'"
|
||||
}
|
||||
end
|
||||
|
|
|
@ -0,0 +1,55 @@
|
|||
#
|
||||
# Cookbook Name:: cinder
|
||||
# Recipe:: api
|
||||
#
|
||||
# Copyright 2012, Rackspace US, Inc.
|
||||
# Copyright 2012, AT&T, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "cinder::common"
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
platform_options = node["cinder"]["platform"]
|
||||
|
||||
platform_options["cinder_api_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :upgrade
|
||||
options platform_options["package_overrides"]
|
||||
end
|
||||
end
|
||||
|
||||
service "cinder-api" do
|
||||
service_name platform_options["cinder_api_service"]
|
||||
supports :status => true, :restart => true
|
||||
action :enable
|
||||
end
|
||||
|
||||
identity_admin_endpoint = endpoint "identity-admin"
|
||||
identity_endpoint = endpoint "identity-api"
|
||||
|
||||
template "/etc/cinder/api-paste.ini" do
|
||||
source "api-paste.ini.erb"
|
||||
group node["cinder"]["group"]
|
||||
owner node["cinder"]["user"]
|
||||
mode 00644
|
||||
variables(
|
||||
"identity_endpoint" => identity_endpoint,
|
||||
"identity_admin_endpoint" => identity_admin_endpoint,
|
||||
)
|
||||
notifies :restart, resources(:service => "cinder-api"), :immediately
|
||||
end
|
|
@ -0,0 +1,66 @@
|
|||
#
|
||||
# Cookbook Name:: cinder
|
||||
# Recipe:: common
|
||||
#
|
||||
# Copyright 2012, Rackspace US, Inc.
|
||||
# Copyright 2012, AT&T, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
include ::Opscode::OpenSSL::Password
|
||||
end
|
||||
|
||||
# Allow for using a well known service password
|
||||
if node["developer_mode"]
|
||||
node.set_unless["cinder"]["service_pass"] = "cinder"
|
||||
else
|
||||
node.set_unless["cinder"]["service_pass"] = secure_password
|
||||
end
|
||||
|
||||
directory "/etc/cinder" do
|
||||
action :create
|
||||
group node["cinder"]["group"]
|
||||
owner node["cinder"]["user"]
|
||||
mode 00700
|
||||
end
|
||||
|
||||
db_user = node["cinder"]["db"]["username"]
|
||||
db_pass = node["cinder"]["db"]["password"]
|
||||
sql_connection = db_uri("volume", db_user, db_pass)
|
||||
|
||||
rabbit_server_role = node["cinder"]["rabbit_server_chef_role"]
|
||||
rabbit_info = get_settings_by_role rabbit_server_role, "queue"
|
||||
|
||||
glance_api_role = node["cinder"]["glance_api_chef_role"]
|
||||
glance = get_settings_by_role glance_api_role, "glance"
|
||||
glance_api_endpoint = endpoint "image-api"
|
||||
|
||||
template "/etc/cinder/cinder.conf" do
|
||||
source "cinder.conf.erb"
|
||||
group node["cinder"]["group"]
|
||||
owner node["cinder"]["user"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection,
|
||||
:rabbit_host => rabbit_info["host"],
|
||||
:rabbit_port => rabbit_info["port"],
|
||||
:glance_host => glance_api_endpoint.host,
|
||||
:glance_port => glance_api_endpoint.port,
|
||||
)
|
||||
notifies :restart, resources(:service => "cinder-api"), :immediately
|
||||
notifies :restart, resources(:service => "cinder-scheduler"), :immediately
|
||||
notifies :restart, resources(:service => "cinder-volume"), :immediately
|
||||
end
|
|
@ -18,7 +18,7 @@
|
|||
#
|
||||
|
||||
# This recipe should be placed in the run_list of the node that
|
||||
# runs the database server that houses the Nova main database
|
||||
# runs the database server that houses the Cinder main database
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
|
@ -32,12 +32,12 @@ include_recipe "mysql::ruby"
|
|||
|
||||
# Allow for using a well known db password
|
||||
if node["developer_mode"]
|
||||
node.set_unless["openstack"]["cinder"]["db"]["password"] = "cinder"
|
||||
node.set_unless["cinder"]["db"]["password"] = "cinder"
|
||||
else
|
||||
node.set_unless["openstack"]["cinder"]["db"]["password"] = secure_password
|
||||
node.set_unless["cinder"]["db"]["password"] = secure_password
|
||||
end
|
||||
|
||||
db_create_with_user("image",
|
||||
node["openstack"]["cinder"]["db"]["username"],
|
||||
node["openstack"]["cinder"]["db"]["password"]
|
||||
db_create_with_user("volume",
|
||||
node["cinder"]["db"]["username"],
|
||||
node["cinder"]["db"]["password"]
|
||||
)
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
#
|
||||
# Cookbook Name:: cinder
|
||||
# Recipe:: scheduler
|
||||
#
|
||||
# Copyright 2012, Rackspace US, Inc.
|
||||
# Copyright 2012, AT&T, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "cinder::common"
|
||||
|
||||
platform_options = node["cinder"]["platform"]
|
||||
|
||||
platform_options["cinder_scheduler_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :upgrade
|
||||
options platform_options["package_overrides"]
|
||||
end
|
||||
end
|
||||
|
||||
service "cinder-scheduler" do
|
||||
service_name platform_options["cinder_scheduler_service"]
|
||||
supports :status => true, :restart => true
|
||||
action [ :enable, :start ]
|
||||
end
|
|
@ -1,189 +0,0 @@
|
|||
#
|
||||
# Cookbook Name:: cinder
|
||||
# Recipe:: server
|
||||
#
|
||||
# Copyright 2012, DreamHost
|
||||
# Copyright 2012, Rackspace US, Inc.
|
||||
# Copyright 2012, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
# Allow for using a well known service password
|
||||
if node["developer_mode"]
|
||||
node.set_unless["openstack"]["cinder"]["service_pass"] = "cinder"
|
||||
else
|
||||
node.set_unless["openstack"]["cinder"]["service_pass"] = secure_password
|
||||
end
|
||||
|
||||
platform_options = node["openstack"]["cinder"]["platform"]
|
||||
|
||||
platform_options["cinder_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :upgrade
|
||||
end
|
||||
end
|
||||
|
||||
service "cinder-api" do
|
||||
service_name platform_options["cinder_api_service"]
|
||||
supports :status => true, :restart => true
|
||||
action :enable
|
||||
end
|
||||
|
||||
service "cinder-scheduler" do
|
||||
service_name platform_options["cinder_scheduler_service"]
|
||||
supports :status => true, :restart => true
|
||||
action :enable
|
||||
end
|
||||
|
||||
service "cinder-volume" do
|
||||
service_name platform_options["cinder_volume_service"]
|
||||
supports :status => true, :restart => true
|
||||
action :enable
|
||||
end
|
||||
|
||||
directory "/etc/cinder" do
|
||||
action :create
|
||||
group "cinder"
|
||||
owner "cinder"
|
||||
mode "0700"
|
||||
end
|
||||
|
||||
|
||||
db_user = node['openstack']['cinder']['db']['username']
|
||||
db_pass = node['openstack']['cinder']['db']['password']
|
||||
sql_connection = db_uri("cinder", db_user, db_pass)
|
||||
|
||||
rabbit_server_role = node["nova"]["rabbit_server_chef_role"]
|
||||
rabbit_info = get_settings_by_role rabbit_server_role, "queue"
|
||||
|
||||
ks_admin_endpoint = endpoint "identity-admin"
|
||||
ks_service_endpoint = endpoint "identity-api"
|
||||
keystone_service_role = node["nova"]["keystone_service_chef_role"]
|
||||
keystone = get_settings_by_role keystone_service_role, "keystone"
|
||||
glance_api_role = node["nova"]["glance_api_chef_role"]
|
||||
glance = get_settings_by_role glance_api_role, "glance"
|
||||
glance_api_endpoint = endpoint "image-api"
|
||||
api_endpoint = endpoint "compute-volume"
|
||||
|
||||
if glance["api"]["swift_store_auth_address"].nil?
|
||||
swift_store_auth_address="http://#{ks_admin_endpoint["host"]}:#{ks_service_endpoint["port"]}/v2.0"
|
||||
swift_store_user="#{glance["service_tenant_name"]}:#{glance["service_user"]}"
|
||||
swift_store_key=glance["service_pass"]
|
||||
swift_store_auth_version=2
|
||||
else
|
||||
swift_store_auth_address=glance["api"]["swift_store_auth_address"]
|
||||
swift_store_user=glance["api"]["swift_store_user"]
|
||||
swift_store_key=glance["api"]["swift_store_key"]
|
||||
swift_store_auth_version=glance["api"]["swift_store_auth_version"]
|
||||
end
|
||||
|
||||
template "/etc/cinder/cinder.conf" do
|
||||
source "cinder.conf.erb"
|
||||
owner "root"
|
||||
group "root"
|
||||
mode "0644"
|
||||
variables(
|
||||
:sql_connection => sql_connection,
|
||||
:use_syslog => node["openstack"]["cinder"]["syslog"]["use"],
|
||||
:log_facility => node["openstack"]["cinder"]["syslog"]["facility"],
|
||||
:rabbit_ipaddress => rabbit_info["host"],
|
||||
:rabbit_port => rabbit_info["port"],
|
||||
:default_store => glance["api"]["default_store"],
|
||||
:swift_store_key => swift_store_key,
|
||||
:swift_store_user => swift_store_user,
|
||||
:swift_store_auth_address => swift_store_auth_address,
|
||||
:swift_store_auth_version => swift_store_auth_version,
|
||||
:swift_large_object_size => glance["api"]["swift"]["store_large_object_size"],
|
||||
:swift_large_object_chunk_size => glance["api"]["swift"]["store_large_object_chunk_size"],
|
||||
:swift_store_container => glance["api"]["swift"]["store_container"],
|
||||
:keystone_api_ipaddress => identity_endpoint.host,
|
||||
:keystone_service_port => identity_endpoint.port,
|
||||
:keystone_admin_port => identity_endpoint.port,
|
||||
#:keystone_admin_token => keystone["admin_token"],
|
||||
:glance_api_ipaddress => image_endpoint.host,
|
||||
:glance_service_port => image_endpoint.port,
|
||||
:glance_admin_port => image_endpoint.port,
|
||||
#:glance_admin_token => glance["admin_token"],
|
||||
:service_tenant_name => node["openstack"]["cinder"]["service_tenant_name"],
|
||||
:service_user => node["openstack"]["cinder"]["service_user"],
|
||||
:service_pass => node["openstack"]["cinder"]["service_pass"]
|
||||
)
|
||||
notifies :restart, resources(:service => "cinder-api"), :immediately
|
||||
notifies :restart, resources(:service => "cinder-scheduler"), :immediately
|
||||
notifies :restart, resources(:service => "cinder-volume"), :immediately
|
||||
end
|
||||
|
||||
execute "cinder-manage db sync" do
|
||||
command "cinder-manage db sync"
|
||||
action :run
|
||||
not_if "cinder-manage db version && test $(cinder-manage db version) -gt 0"
|
||||
end
|
||||
|
||||
template "/etc/cinder/api-paste.ini" do
|
||||
source "api-paste.ini.erb"
|
||||
owner "root"
|
||||
group "root"
|
||||
mode "0644"
|
||||
variables(
|
||||
"use_syslog" => node["openstack"]["cinder"]["syslog"]["use"],
|
||||
"log_facility" => node["openstack"]["cinder"]["syslog"]["facility"],
|
||||
"keystone_api_ipaddress" => identity_endpoint.host,
|
||||
"keystone_service_port" => identity_endpoint.port,
|
||||
"keystone_admin_port" => identity_endpoint.port,
|
||||
#"keystone_admin_token" => keystone["admin_token"],
|
||||
"service_tenant_name" => node["openstack"]["cinder"]["service_tenant_name"],
|
||||
"service_user" => node["openstack"]["cinder"]["service_user"],
|
||||
"service_pass" => node["openstack"]["cinder"]["service_pass"]
|
||||
)
|
||||
notifies :restart, resources(:service => "cinder-api"), :immediately
|
||||
notifies :restart, resources(:service => "cinder-scheduler"), :immediately
|
||||
notifies :restart, resources(:service => "cinder-volume"), :immediately
|
||||
end
|
||||
|
||||
# Register Cinder Volume Service
|
||||
keystone_register "Register Cinder Volume Service" do
|
||||
auth_host identity_admin_endpoint.host
|
||||
auth_port identity_admin_endpoint.port.to_s
|
||||
auth_protocol identity_admin_endpoint.scheme
|
||||
api_ver identity_admin_endpoint.path
|
||||
auth_token keystone["admin_token"]
|
||||
service_name "cinder"
|
||||
service_type "volume"
|
||||
service_description "Cinder Volume Service"
|
||||
endpoint_region "RegionOne"
|
||||
endpoint_adminurl api_endpoint.to_s
|
||||
endpoint_internalurl api_endpoint.to_s
|
||||
endpoint_publicurl api_endpoint.to_s
|
||||
action :create_service
|
||||
end
|
||||
keystone_register "Register Cinder Volume Endpoint" do
|
||||
auth_host identity_admin_endpoint.host
|
||||
auth_port identity_admin_endpoint.port
|
||||
auth_protocol identity_admin_endpoint.scheme
|
||||
api_ver identity_admin_endpoint.path
|
||||
auth_token keystone["admin_token"]
|
||||
service_name "cinder"
|
||||
service_type "volume"
|
||||
service_description "Cinder Volume Service"
|
||||
endpoint_region "RegionOne"
|
||||
endpoint_adminurl api_endpoint.to_s
|
||||
endpoint_internalurl api_endpoint.to_s
|
||||
endpoint_publicurl api_endpoint.to_s
|
||||
action :create_endpoint
|
||||
end
|
||||
|
|
@ -0,0 +1,68 @@
|
|||
#
|
||||
# Cookbook Name:: cinder
|
||||
# Recipe:: setup
|
||||
#
|
||||
# Copyright 2012, Rackspace US, Inc.
|
||||
# Copyright 2012, AT&T, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "cinder::common"
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
identity_admin_endpoint = endpoint "identity-admin"
|
||||
keystone_service_role = node["cinder"]["keystone_service_chef_role"]
|
||||
keystone = get_settings_by_role keystone_service_role, "keystone"
|
||||
api_endpoint = endpoint "volume-api"
|
||||
|
||||
execute "cinder-manage db sync" do
|
||||
command "cinder-manage db sync"
|
||||
action :run
|
||||
not_if "cinder-manage db version && test $(cinder-manage db version) -gt 0"
|
||||
end
|
||||
|
||||
keystone_register "Register Cinder Volume Service" do
|
||||
auth_host identity_admin_endpoint.host
|
||||
auth_port identity_admin_endpoint.port.to_s
|
||||
auth_protocol identity_admin_endpoint.scheme
|
||||
api_ver identity_admin_endpoint.path
|
||||
auth_token keystone["admin_token"]
|
||||
service_name "cinder"
|
||||
service_type "volume"
|
||||
service_description "Cinder Volume Service"
|
||||
endpoint_region node["cinder"]["region"]
|
||||
endpoint_adminurl api_endpoint.to_s
|
||||
endpoint_internalurl api_endpoint.to_s
|
||||
endpoint_publicurl api_endpoint.to_s
|
||||
action :create_service
|
||||
end
|
||||
|
||||
keystone_register "Register Cinder Volume Endpoint" do
|
||||
auth_host identity_admin_endpoint.host
|
||||
auth_port identity_admin_endpoint.port
|
||||
auth_protocol identity_admin_endpoint.scheme
|
||||
api_ver identity_admin_endpoint.path
|
||||
auth_token keystone["admin_token"]
|
||||
service_name "cinder"
|
||||
service_type "volume"
|
||||
service_description "Cinder Volume Service"
|
||||
endpoint_region node["cinder"]["region"]
|
||||
endpoint_adminurl api_endpoint.to_s
|
||||
endpoint_internalurl api_endpoint.to_s
|
||||
endpoint_publicurl api_endpoint.to_s
|
||||
action :create_endpoint
|
||||
end
|
|
@ -0,0 +1,55 @@
|
|||
#
|
||||
# Cookbook Name:: cinder
|
||||
# Recipe:: volume
|
||||
#
|
||||
# Copyright 2012, Rackspace US, Inc.
|
||||
# Copyright 2012, AT&T, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "cinder::common"
|
||||
|
||||
platform_options = node["cinder"]["platform"]
|
||||
|
||||
platform_options["cinder_volume_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :upgrade
|
||||
options platform_options["package_overrides"]
|
||||
end
|
||||
end
|
||||
|
||||
platform_options["cinder_iscsitarget_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :upgrade
|
||||
options platform_options["package_overrides"]
|
||||
end
|
||||
end
|
||||
|
||||
service "cinder-volume" do
|
||||
service_name platform_options["cinder_volume_service"]
|
||||
supports :status => true, :restart => true
|
||||
action [ :enable, :start ]
|
||||
end
|
||||
|
||||
service "iscsitarget" do
|
||||
service_name platform_options["cinder_iscsitarget_service"]
|
||||
supports :status => true, :restart => true
|
||||
action :enable
|
||||
end
|
||||
|
||||
template "/etc/tgt/targets.conf" do
|
||||
source "targets.conf.erb"
|
||||
mode 00600
|
||||
notifies :restart, resources(:service => "iscsitarget"), :immediately
|
||||
end
|
|
@ -3,51 +3,60 @@
|
|||
#############
|
||||
|
||||
[composite:osapi_volume]
|
||||
use = call:cinder.api.openstack.urlmap:urlmap_factory
|
||||
/: osvolumeversions
|
||||
use = call:cinder.api:root_app_factory
|
||||
/: apiversions
|
||||
/v1: openstack_volume_api_v1
|
||||
/v2: openstack_volume_api_v2
|
||||
|
||||
[composite:openstack_volume_api_v1]
|
||||
use = call:cinder.api.auth:pipeline_factory
|
||||
noauth = faultwrap sizelimit noauth osapi_volume_app_v1
|
||||
keystone = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
|
||||
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
|
||||
use = call:cinder.api.middleware.auth:pipeline_factory
|
||||
noauth = faultwrap sizelimit noauth apiv1
|
||||
keystone = faultwrap sizelimit authtoken keystonecontext apiv1
|
||||
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1
|
||||
|
||||
[composite:openstack_volume_api_v2]
|
||||
use = call:cinder.api.middleware.auth:pipeline_factory
|
||||
noauth = faultwrap sizelimit noauth apiv2
|
||||
keystone = faultwrap sizelimit authtoken keystonecontext apiv2
|
||||
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2
|
||||
|
||||
[filter:faultwrap]
|
||||
paste.filter_factory = cinder.api.openstack:FaultWrapper.factory
|
||||
paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory
|
||||
|
||||
[filter:noauth]
|
||||
paste.filter_factory = cinder.api.openstack.auth:NoAuthMiddleware.factory
|
||||
paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory
|
||||
|
||||
[filter:sizelimit]
|
||||
paste.filter_factory = cinder.api.sizelimit:RequestBodySizeLimiter.factory
|
||||
paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory
|
||||
|
||||
[app:osapi_volume_app_v1]
|
||||
paste.app_factory = cinder.api.openstack.volume:APIRouter.factory
|
||||
[app:apiv1]
|
||||
paste.app_factory = cinder.api.v1.router:APIRouter.factory
|
||||
|
||||
[pipeline:osvolumeversions]
|
||||
[app:apiv2]
|
||||
paste.app_factory = cinder.api.v2.router:APIRouter.factory
|
||||
|
||||
[pipeline:apiversions]
|
||||
pipeline = faultwrap osvolumeversionapp
|
||||
|
||||
[app:osvolumeversionapp]
|
||||
paste.app_factory = cinder.api.openstack.volume.versions:Versions.factory
|
||||
paste.app_factory = cinder.api.versions:Versions.factory
|
||||
|
||||
##########
|
||||
# Shared #
|
||||
##########
|
||||
|
||||
[filter:keystonecontext]
|
||||
paste.filter_factory = cinder.api.auth:CinderKeystoneContext.factory
|
||||
paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystone.middleware.auth_token:filter_factory
|
||||
service_host = <%= @keystone_api_ipaddress %>
|
||||
service_port = <%= @keystone_service_port %>
|
||||
service_protocol = http
|
||||
auth_host = <%= @keystone_api_ipaddress %>
|
||||
auth_port = <%= @keystone_admin_port %>
|
||||
auth_protocol = http
|
||||
auth_uri = http://<%= @keystone_api_ipaddress %>:<%= @service_port %>/v2.0/
|
||||
admin_token = <%= @keystone_admin_token %>
|
||||
admin_tenant_name = <%= @service_tenant_name %>
|
||||
admin_user = <%= @service_user %>
|
||||
admin_password = <%= @service_pass %>
|
||||
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
|
||||
service_host = <%= @identity_endpoint.host %>
|
||||
service_port = <%= @identity_endpoint.port %>
|
||||
service_protocol = <%= identity_endpoint.scheme %>
|
||||
auth_host = <%= @identity_admin_endpoint.host %>
|
||||
auth_port = <%= @identity_admin_endpoint.port %>
|
||||
auth_protocol = <%= @identity_admin_endpoint.scheme %>
|
||||
admin_tenant_name = <%= node["cinder"]["service_tenant_name"] %>
|
||||
admin_user = <%= node["cinder"]["service_user"] %>
|
||||
admin_password = <%= node["cinder"]["service_pass"] %>
|
||||
signing_dir = /var/lib/cinder
|
||||
|
|
|
@ -1,18 +1,12 @@
|
|||
# This file autogenerated by Chef
|
||||
# Do not edit, changes will be overwritten
|
||||
<% if not node["custom_template_banner"].nil? %>
|
||||
<%= node["custom_template_banner"] %>
|
||||
<% end %>
|
||||
|
||||
|
||||
<%= node["cinder"]["custom_template_banner"] %>
|
||||
[DEFAULT]
|
||||
|
||||
######## defined in cinder.openstack.common.cfg:CommonConfigOpts ########
|
||||
|
||||
debug=false
|
||||
debug=<%= node["cinder"]["debug"] %>
|
||||
#### (BoolOpt) Print debugging output
|
||||
|
||||
verbose=True
|
||||
verbose=<%= node["cinder"]["verbose"] %>
|
||||
#### (BoolOpt) Print more verbose output
|
||||
|
||||
# log_config=<None>
|
||||
|
@ -42,15 +36,10 @@ verbose=True
|
|||
|
||||
# Send logs to syslog (/dev/log) instead of to file specified
|
||||
# by `log_file`
|
||||
use_syslog = <%= @use_syslog %>
|
||||
use_syslog = <%= node["cinder"]["syslog"]["use"] %>
|
||||
|
||||
<% if @use_syslog == true %>
|
||||
# Facility to use. If unset defaults to LOG_USER.
|
||||
syslog_log_facility = <%= @log_facility %>
|
||||
<% else %>
|
||||
# syslog_log_facility = LOG_USER
|
||||
<% end %>
|
||||
|
||||
syslog_log_facility = <%= node["cinder"]["syslog"]["facility"]%>
|
||||
|
||||
######## defined in cinder.flags ########
|
||||
|
||||
|
@ -79,16 +68,16 @@ sql_connection=<%= @sql_connection %>
|
|||
# state_path=$pybasedir
|
||||
#### (StrOpt) Top-level directory for maintaining cinder's state
|
||||
|
||||
my_ip=0.0.0.0
|
||||
my_ip=<%= node["ipaddress"] %>
|
||||
#### (StrOpt) ip address of this host
|
||||
|
||||
glance_host=<%= @glance_api_ipaddress %>
|
||||
glance_host=<%= @glance_api_host %>
|
||||
#### (StrOpt) default glance hostname or ip
|
||||
|
||||
glance_port=<%= @glance_service_port %>
|
||||
#### (IntOpt) default glance port
|
||||
|
||||
glance_api_servers=$glance_host:$glance_port
|
||||
# glance_api_servers=$glance_host:$glance_port
|
||||
#### (ListOpt) A list of the glance api servers available to cinder
|
||||
#### ([hostname|ip]:port)
|
||||
|
||||
|
@ -101,7 +90,7 @@ glance_api_servers=$glance_host:$glance_port
|
|||
# volume_topic=cinder-volume
|
||||
#### (StrOpt) the topic volume nodes listen on
|
||||
|
||||
# api_rate_limit=true
|
||||
api_rate_limit=<%= node["cinder"]["api"]["ratelimit"] %>
|
||||
#### (BoolOpt) whether to rate limit the api
|
||||
|
||||
# osapi_volume_ext_list=
|
||||
|
@ -156,7 +145,7 @@ glance_api_servers=$glance_host:$glance_port
|
|||
#### (StrOpt) time period to generate volume usages for. Time period must
|
||||
#### be hour, day, month or year
|
||||
|
||||
root_helper=cinder-rootwrap
|
||||
# root_helper=cinder-rootwrap
|
||||
#### (StrOpt) Deprecated: command to use for running commands as root
|
||||
|
||||
rootwrap_config=/etc/cinder/rootwrap.conf
|
||||
|
@ -175,7 +164,7 @@ rootwrap_config=/etc/cinder/rootwrap.conf
|
|||
# volume_api_class=cinder.volume.api.API
|
||||
#### (StrOpt) The full class name of the volume API class to use
|
||||
|
||||
# auth_strategy=noauth
|
||||
auth_strategy=keystone
|
||||
#### (StrOpt) The strategy to use for auth. Supports noauth, keystone, and
|
||||
#### deprecated.
|
||||
|
||||
|
@ -380,10 +369,10 @@ db_backend=sqlalchemy
|
|||
# kombu_ssl_ca_certs=
|
||||
#### (StrOpt) SSL certification authority file (valid only if SSL enabled)
|
||||
|
||||
# rabbit_host=localhost
|
||||
rabbit_host=<%= @rabbit_host %>
|
||||
#### (StrOpt) The RabbitMQ broker address where a single node is used
|
||||
|
||||
# rabbit_port=5672
|
||||
rabbit_port=<%= @rabbit_port %>
|
||||
#### (IntOpt) The RabbitMQ broker port where a single node is used
|
||||
|
||||
# rabbit_hosts=$rabbit_host:$rabbit_port
|
||||
|
@ -820,5 +809,5 @@ db_backend=sqlalchemy
|
|||
# zadara_vpsa_allow_nonexistent_delete=true
|
||||
#### (BoolOpt) Don't halt on deletion of non-existing volumes
|
||||
|
||||
|
||||
# Total option count: 219
|
||||
[keystone_authtoken]
|
||||
signing_dirname = /tmp/keystone-signing-cinder
|
||||
|
|
|
@ -1,51 +0,0 @@
|
|||
#############
|
||||
# Openstack #
|
||||
#############
|
||||
|
||||
[composite:osapi_volume]
|
||||
use = call:cinder.api.openstack.urlmap:urlmap_factory
|
||||
/: osvolumeversions
|
||||
/v1: openstack_volume_api_v1
|
||||
|
||||
[composite:openstack_volume_api_v1]
|
||||
use = call:cinder.api.auth:pipeline_factory
|
||||
noauth = faultwrap sizelimit noauth osapi_volume_app_v1
|
||||
keystone = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
|
||||
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
|
||||
|
||||
[filter:faultwrap]
|
||||
paste.filter_factory = cinder.api.openstack:FaultWrapper.factory
|
||||
|
||||
[filter:noauth]
|
||||
paste.filter_factory = cinder.api.openstack.auth:NoAuthMiddleware.factory
|
||||
|
||||
[filter:sizelimit]
|
||||
paste.filter_factory = cinder.api.sizelimit:RequestBodySizeLimiter.factory
|
||||
|
||||
[app:osapi_volume_app_v1]
|
||||
paste.app_factory = cinder.api.openstack.volume:APIRouter.factory
|
||||
|
||||
[pipeline:osvolumeversions]
|
||||
pipeline = faultwrap osvolumeversionapp
|
||||
|
||||
[app:osvolumeversionapp]
|
||||
paste.app_factory = cinder.api.openstack.volume.versions:Versions.factory
|
||||
|
||||
##########
|
||||
# Shared #
|
||||
##########
|
||||
|
||||
[filter:keystonecontext]
|
||||
paste.filter_factory = cinder.api.auth:CinderKeystoneContext.factory
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystone.middleware.auth_token:filter_factory
|
||||
service_protocol = http
|
||||
service_host = 127.0.0.1
|
||||
service_port = 5000
|
||||
auth_host = 127.0.0.1
|
||||
auth_port = 35357
|
||||
auth_protocol = http
|
||||
admin_tenant_name = %SERVICE_TENANT_NAME%
|
||||
admin_user = %SERVICE_USER%
|
||||
admin_password = %SERVICE_PASSWORD%
|
|
@ -0,0 +1,7 @@
|
|||
<% if %w{redhat centos fedora}.include?(node["platform"]) %>
|
||||
include /var/lib/cinder/volumes/*
|
||||
<% end %>
|
||||
<% if %w{debian ubuntu}.include?(node["platform"]) %>
|
||||
include /etc/tgt/conf.d/*.conf
|
||||
<% end %>
|
||||
default-driver iscsi
|
Loading…
Reference in New Issue