Massive refactoring of Cinder cookbook

* Updates the attributes to align with openstack-common and
  the other AT&T-standardized OpenStack cookbooks
* Splits the single server recipe out into recipes for
  common, api, setup, volume and scheduler so that nodes
  can get the Cinder API, Cinder Scheduler and/or Cinder Volume
  service installed separately
* Pull in the isci and tgt packages, matching RCBOps volume recipe

.gitignore

@@ -0,0 +1 @@
+*.swp

README.md

@@ -1,4 +1,96 @@
-cinder
-======
+Description
+===========
 
-Chef cookbook for deploying the OpenStack Advanced Volume Management service Cinder.
+Installs the Openstack volume service (codename: cinder) from packages.
+
+http://cinder.openstack.org
+
+Requirements
+============
+
+Chef 0.10.0 or higher required (for Chef environment use).
+
+Platforms
+--------
+
+* Ubuntu-12.04
+* Fedora-17
+
+Cookbooks
+---------
+
+The following cookbooks are dependencies:
+
+* apt
+* database
+* glance
+* keystone
+* mysql
+* openssh
+* rabbitmq
+* selinux (Fedora)
+* openstack-common
+* openstack-utils
+
+Recipes
+=======
+
+api
+----
+- Installs the cinder-api, sets up the cinder database,
+ and cinder service/user/endpoints in keystone
+
+scheduler
+----
+- Installs the cinder-scheduler service
+
+volume
+----
+- Installs the cinder-volume service and sets up the iscsi helper
+
+
+Attributes
+==========
+
+* `cinder["db"]["name"]` - name of database to create for cinder
+* `cinder["db"]["username"]` - cinder username for database
+* `cinder["service_tenant_name"]` - name of tenant to use for the cinder service account in keystone
+* `cinder["service_user"]` - cinder service user in keystone
+* `cinder["service_role"]` - role for the cinder service user in keystone
+* `cinder["syslog"]["use"]`
+* `cinder["syslog"]["facility"]`
+* `cinder["syslog"]["config_facility"]`
+* `cinder["platform"]` = hash of platform specific package/service names and options
+
+Templates
+=====
+* `api-paste.ini.erb` - Paste config for cinder API middleware
+* `cinder.conf.erb` - Basic cinder.conf file
+* `targets.conf.erb` - config file for tgt (iscsi target software)
+
+License and Author
+==================
+
+Author:: Justin Shepherd (<justin.shepherd@rackspace.com>)  
+Author:: Jason Cannavale (<jason.cannavale@rackspace.com>)  
+Author:: Ron Pedde (<ron.pedde@rackspace.com>)  
+Author:: Joseph Breu (<joseph.breu@rackspace.com>)  
+Author:: William Kelly (<william.kelly@rackspace.com>)  
+Author:: Darren Birkett (<darren.birkett@rackspace.co.uk>)  
+Author:: Evan Callicoat (<evan.callicoat@rackspace.com>)  
+Author:: Jay Pipes (<jaypipes@gmail.com>)  
+
+Copyright 2012, Rackspace US, Inc.
+Copyright 2012, AT&T, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

attributes/default.rb

@@ -23,44 +23,71 @@
 default["developer_mode"] = false  # we want secure passwords by default
 ########################################################################
 
-default["openstack"]["cinder"]["services"]["volume"]["scheme"] = "http"
-default["openstack"]["cinder"]["services"]["volume"]["network"] = "public"
-default["openstack"]["cinder"]["services"]["volume"]["port"] = 8776
-default["openstack"]["cinder"]["services"]["volume"]["path"] = "/v1"
+# Set to some text value if you want templated config files
+# to contain a custom banner at the top of the written file
+default["cinder"]["custom_template_banner"] = "
+# This file autogenerated by Chef
+# Do not edit, changes will be overwritten
+"
 
-default["cinder"]["services"]["volume"]["scheme"] = "http"
-default["cinder"]["services"]["volume"]["network"] = "public"
-default["cinder"]["services"]["volume"]["port"] = 8776
-default["cinder"]["services"]["volume"]["path"] = "/v1"
+default["cinder"]["verbose"] = "False"
+default["cinder"]["debug"] = "False"
 
-default["openstack"]["cinder"]["db"]["name"] = "cinder"
-default["openstack"]["cinder"]["db"]["username"] = "cinder"
+# Availability zone/region for the Cinder service
+default["cinder"]["region"] = "RegionOne"
 
-# TODO: These may need to be glance-registry specific.. and looked up by glance-api
-default["openstack"]["cinder"]["service_tenant_name"] = "service"
-default["openstack"]["cinder"]["service_user"] = "cinder"
-default["openstack"]["cinder"]["service_role"] = "admin"
+# The name of the Chef role that knows about the message queue server
+# that Cinder uses
+default["cinder"]["rabbit_server_chef_role"] = "rabbitmq-server"
+
+# This is the name of the Chef role that will install the Keystone Service API
+default["cinder"]["keystone_service_chef_role"] = "keystone"
+
+# This is the name of the Chef role that will install the Glance API
+default["cinder"]["glance_api_chef_role"] = "glance-api"
+
+# operating system group name
+default["cinder"]["group"] = "cinder"
+# operating system user that services will run under
+default["cinder"]["user"] = "cinder"
+
+default["cinder"]["db"]["name"] = "cinder"
+default["cinder"]["db"]["username"] = "cinder"
+
+default["cinder"]["service_tenant_name"] = "service"
+default["cinder"]["service_user"] = "cinder"
+default["cinder"]["service_role"] = "admin"
 
 # logging attribute
-default["openstack"]["cinder"]["syslog"]["use"] = false
-default["openstack"]["cinder"]["syslog"]["facility"] = "LOG_LOCAL2"
-default["openstack"]["cinder"]["syslog"]["config_facility"] = "local2"
+default["cinder"]["syslog"]["use"] = false
+default["cinder"]["syslog"]["facility"] = "LOG_LOCAL2"
+default["cinder"]["syslog"]["config_facility"] = "local2"
+
+default["cinder"]["api"]["ratelimit"] = "True"
 
-# platform-specific settings
 case platform
 when "fedora", "redhat", "centos"
-  default["openstack"]["cinder"]["platform"] = {
-    "mysql_python_packages" => [ "MySQL-python" ],
-    "cinder_packages" => [ "openstack-cinder", "openstack-swift" ],
+  default["cinder"]["platform"] = {
+    "cinder_api_packages" => ["openstack-cinder", "python-cinderclient", "MySQL-python"],
+    "cinder_api_service" => "openstack-cinder-api",
+    "cinder_volume_packages" => ["openstack-cinder", "MySQL-python"],
+    "cinder_volume_service" => "openstack-cinder-volume",
+    "cinder_scheduler_packages" => ["openstack-cinder", "MySQL-python"],
+    "cinder_scheduler_service" => "openstack-cinder-scheduler",
+    "cinder_iscsitarget_packages" => ["scsi-target-utils"],
+    "cinder_iscsitarget_service" => "tgtd",
     "package_overrides" => ""
   }
 when "ubuntu"
-  default["openstack"]["cinder"]["platform"] = {
-    "mysql_python_packages" => [ "python-mysqldb" ],
-    "cinder_packages" => [ "cinder-scheduler", "python-swift", "python-keystoneclient", "cinder-volume", "cinder-api" ],
-    "package_overrides" => "-o Dpkg::Options::='--force-confold' -o Dpkg::Options::='--force-confdef'",
+  default["cinder"]["platform"] = {
+    "cinder_api_packages" => ["cinder-common", "cinder-api", "python-cinderclient", "python-mysqldb"],
     "cinder_api_service" => "cinder-api",
+    "cinder_volume_packages" => ["cinder-volume", "python-mysqldb"],
+    "cinder_volume_service" => "cinder-volume",
+    "cinder_scheduler_packages" => ["cinder-scheduler", "python-mysqldb"],
     "cinder_scheduler_service" => "cinder-scheduler",
-    "cinder_volume_service" => "cinder-volume"
+    "cinder_iscsitarget_packages" => ["tgt"],
+    "cinder_iscsitarget_service" => "tgt",
+    "package_overrides" => "-o Dpkg::Options::='--force-confold' -o Dpkg::Options::='--force-confdef'"
   }
 end

recipes/api.rb

@@ -0,0 +1,55 @@
+#
+# Cookbook Name:: cinder
+# Recipe:: api
+#
+# Copyright 2012, Rackspace US, Inc.
+# Copyright 2012, AT&T, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "cinder::common"
+
+class ::Chef::Recipe
+  include ::Openstack
+end
+
+platform_options = node["cinder"]["platform"]
+
+platform_options["cinder_api_packages"].each do |pkg|
+  package pkg do
+    action :upgrade
+    options platform_options["package_overrides"]
+  end
+end
+
+service "cinder-api" do
+  service_name platform_options["cinder_api_service"]
+  supports :status => true, :restart => true
+  action :enable
+end
+
+identity_admin_endpoint = endpoint "identity-admin"
+identity_endpoint = endpoint "identity-api"
+
+template "/etc/cinder/api-paste.ini" do
+  source "api-paste.ini.erb"
+  group node["cinder"]["group"]
+  owner node["cinder"]["user"]
+  mode 00644
+  variables(
+    "identity_endpoint" => identity_endpoint,
+    "identity_admin_endpoint" => identity_admin_endpoint,
+    )
+  notifies :restart, resources(:service => "cinder-api"), :immediately
+end

recipes/common.rb

@@ -0,0 +1,66 @@
+#
+# Cookbook Name:: cinder
+# Recipe:: common
+#
+# Copyright 2012, Rackspace US, Inc.
+# Copyright 2012, AT&T, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class ::Chef::Recipe
+  include ::Openstack
+  include ::Opscode::OpenSSL::Password
+end
+
+# Allow for using a well known service password
+if node["developer_mode"]
+  node.set_unless["cinder"]["service_pass"] = "cinder"
+else
+  node.set_unless["cinder"]["service_pass"] = secure_password
+end
+
+directory "/etc/cinder" do
+  action :create
+  group node["cinder"]["group"]
+  owner node["cinder"]["user"]
+  mode 00700
+end
+
+db_user = node["cinder"]["db"]["username"]
+db_pass = node["cinder"]["db"]["password"]
+sql_connection = db_uri("volume", db_user, db_pass)
+
+rabbit_server_role = node["cinder"]["rabbit_server_chef_role"]
+rabbit_info = get_settings_by_role rabbit_server_role, "queue"
+
+glance_api_role = node["cinder"]["glance_api_chef_role"]
+glance = get_settings_by_role glance_api_role, "glance"
+glance_api_endpoint = endpoint "image-api"
+
+template "/etc/cinder/cinder.conf" do
+  source "cinder.conf.erb"
+  group node["cinder"]["group"]
+  owner node["cinder"]["user"]
+  mode 00644
+  variables(
+    :sql_connection => sql_connection,
+    :rabbit_host => rabbit_info["host"],
+    :rabbit_port => rabbit_info["port"],
+    :glance_host => glance_api_endpoint.host,
+    :glance_port => glance_api_endpoint.port,
+  )
+  notifies :restart, resources(:service => "cinder-api"), :immediately
+  notifies :restart, resources(:service => "cinder-scheduler"), :immediately
+  notifies :restart, resources(:service => "cinder-volume"), :immediately
+end

recipes/db.rb

@@ -18,7 +18,7 @@
 #
 
 # This recipe should be placed in the run_list of the node that
-# runs the database server that houses the Nova main database
+# runs the database server that houses the Cinder main database
 
 class ::Chef::Recipe
   include ::Openstack
@@ -32,12 +32,12 @@ include_recipe "mysql::ruby"
 
 # Allow for using a well known db password
 if node["developer_mode"]
-  node.set_unless["openstack"]["cinder"]["db"]["password"] = "cinder"
+  node.set_unless["cinder"]["db"]["password"] = "cinder"
 else
-  node.set_unless["openstack"]["cinder"]["db"]["password"] = secure_password
+  node.set_unless["cinder"]["db"]["password"] = secure_password
 end
 
-db_create_with_user("image",
-  node["openstack"]["cinder"]["db"]["username"],
-  node["openstack"]["cinder"]["db"]["password"]
+db_create_with_user("volume",
+  node["cinder"]["db"]["username"],
+  node["cinder"]["db"]["password"]
 )

recipes/scheduler.rb

@@ -0,0 +1,36 @@
+#
+# Cookbook Name:: cinder
+# Recipe:: scheduler
+#
+# Copyright 2012, Rackspace US, Inc.
+# Copyright 2012, AT&T, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "cinder::common"
+
+platform_options = node["cinder"]["platform"]
+
+platform_options["cinder_scheduler_packages"].each do |pkg|
+  package pkg do
+    action :upgrade
+    options platform_options["package_overrides"]
+  end
+end
+
+service "cinder-scheduler" do
+  service_name platform_options["cinder_scheduler_service"]
+  supports :status => true, :restart => true
+  action [ :enable, :start ]
+end

recipes/server.rb

@@ -1,189 +0,0 @@
-#
-# Cookbook Name:: cinder
-# Recipe:: server
-#
-# Copyright 2012, DreamHost
-# Copyright 2012, Rackspace US, Inc.
-# Copyright 2012, Opscode, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-class ::Chef::Recipe
-  include ::Openstack
-end
-
-# Allow for using a well known service password
-if node["developer_mode"]
-  node.set_unless["openstack"]["cinder"]["service_pass"] = "cinder"
-else
-  node.set_unless["openstack"]["cinder"]["service_pass"] = secure_password
-end
-
-platform_options = node["openstack"]["cinder"]["platform"]
-
-platform_options["cinder_packages"].each do |pkg|
-  package pkg do
-    action :upgrade
-  end
-end
-
-service "cinder-api" do
-  service_name platform_options["cinder_api_service"]
-  supports :status => true, :restart => true
-  action :enable
-end
-
-service "cinder-scheduler" do
-  service_name platform_options["cinder_scheduler_service"]
-  supports :status => true, :restart => true
-  action :enable
-end
-
-service "cinder-volume" do
-  service_name platform_options["cinder_volume_service"]
-  supports :status => true, :restart => true
-  action :enable
-end
-
-directory "/etc/cinder" do
-  action :create
-  group "cinder"
-  owner "cinder"
-  mode "0700"
-end
-
-
-db_user = node['openstack']['cinder']['db']['username']
-db_pass = node['openstack']['cinder']['db']['password']
-sql_connection = db_uri("cinder", db_user, db_pass)
-
-rabbit_server_role = node["nova"]["rabbit_server_chef_role"]
-rabbit_info = get_settings_by_role rabbit_server_role, "queue"
-
-ks_admin_endpoint = endpoint "identity-admin"
-ks_service_endpoint = endpoint "identity-api"
-keystone_service_role = node["nova"]["keystone_service_chef_role"]
-keystone = get_settings_by_role keystone_service_role, "keystone"
-glance_api_role = node["nova"]["glance_api_chef_role"]
-glance = get_settings_by_role glance_api_role, "glance"
-glance_api_endpoint = endpoint "image-api"
-api_endpoint = endpoint "compute-volume"
-
-if glance["api"]["swift_store_auth_address"].nil?
-  swift_store_auth_address="http://#{ks_admin_endpoint["host"]}:#{ks_service_endpoint["port"]}/v2.0"
-  swift_store_user="#{glance["service_tenant_name"]}:#{glance["service_user"]}"
-  swift_store_key=glance["service_pass"]
-  swift_store_auth_version=2
-else
-  swift_store_auth_address=glance["api"]["swift_store_auth_address"]
-  swift_store_user=glance["api"]["swift_store_user"]
-  swift_store_key=glance["api"]["swift_store_key"]
-  swift_store_auth_version=glance["api"]["swift_store_auth_version"]
-end
-
-template "/etc/cinder/cinder.conf" do
-  source "cinder.conf.erb"
-  owner "root"
-  group "root"
-  mode "0644"
-  variables(
-    :sql_connection => sql_connection,
-    :use_syslog => node["openstack"]["cinder"]["syslog"]["use"],
-    :log_facility => node["openstack"]["cinder"]["syslog"]["facility"],
-    :rabbit_ipaddress => rabbit_info["host"],
-    :rabbit_port => rabbit_info["port"],
-    :default_store => glance["api"]["default_store"],
-    :swift_store_key => swift_store_key,
-    :swift_store_user => swift_store_user,
-    :swift_store_auth_address => swift_store_auth_address,
-    :swift_store_auth_version => swift_store_auth_version,
-    :swift_large_object_size => glance["api"]["swift"]["store_large_object_size"],
-    :swift_large_object_chunk_size => glance["api"]["swift"]["store_large_object_chunk_size"],
-    :swift_store_container => glance["api"]["swift"]["store_container"],
-    :keystone_api_ipaddress => identity_endpoint.host,
-    :keystone_service_port => identity_endpoint.port,
-    :keystone_admin_port => identity_endpoint.port,
-    #:keystone_admin_token => keystone["admin_token"],
-    :glance_api_ipaddress => image_endpoint.host,
-    :glance_service_port => image_endpoint.port,
-    :glance_admin_port => image_endpoint.port,
-    #:glance_admin_token => glance["admin_token"],
-    :service_tenant_name => node["openstack"]["cinder"]["service_tenant_name"],
-    :service_user => node["openstack"]["cinder"]["service_user"],
-    :service_pass => node["openstack"]["cinder"]["service_pass"]
-    )
-  notifies :restart, resources(:service => "cinder-api"), :immediately
-  notifies :restart, resources(:service => "cinder-scheduler"), :immediately
-  notifies :restart, resources(:service => "cinder-volume"), :immediately
-end
-
-execute "cinder-manage db sync" do
-  command "cinder-manage db sync"
-  action :run
-  not_if "cinder-manage db version && test $(cinder-manage db version) -gt 0"
-end
-
-template "/etc/cinder/api-paste.ini" do
-  source "api-paste.ini.erb"
-  owner "root"
-  group "root"
-  mode "0644"
-  variables(
-    "use_syslog" => node["openstack"]["cinder"]["syslog"]["use"],
-    "log_facility" => node["openstack"]["cinder"]["syslog"]["facility"],
-    "keystone_api_ipaddress" => identity_endpoint.host,
-    "keystone_service_port" => identity_endpoint.port,
-    "keystone_admin_port" => identity_endpoint.port,
-    #"keystone_admin_token" => keystone["admin_token"],
-    "service_tenant_name" => node["openstack"]["cinder"]["service_tenant_name"],
-    "service_user" => node["openstack"]["cinder"]["service_user"],
-    "service_pass" => node["openstack"]["cinder"]["service_pass"]
-    )
-  notifies :restart, resources(:service => "cinder-api"), :immediately
-  notifies :restart, resources(:service => "cinder-scheduler"), :immediately
-  notifies :restart, resources(:service => "cinder-volume"), :immediately
-end
-
-# Register Cinder Volume Service
-keystone_register "Register Cinder Volume Service" do
-  auth_host identity_admin_endpoint.host
-  auth_port identity_admin_endpoint.port.to_s
-  auth_protocol identity_admin_endpoint.scheme
-  api_ver identity_admin_endpoint.path
-  auth_token keystone["admin_token"]
-  service_name "cinder"
-  service_type "volume"
-  service_description "Cinder Volume Service"
-  endpoint_region "RegionOne"
-  endpoint_adminurl api_endpoint.to_s
-  endpoint_internalurl api_endpoint.to_s
-  endpoint_publicurl api_endpoint.to_s
-  action :create_service
-end
-keystone_register "Register Cinder Volume Endpoint" do
-  auth_host identity_admin_endpoint.host
-  auth_port identity_admin_endpoint.port
-  auth_protocol identity_admin_endpoint.scheme
-  api_ver identity_admin_endpoint.path
-  auth_token keystone["admin_token"]
-  service_name "cinder"
-  service_type "volume"
-  service_description "Cinder Volume Service"
-  endpoint_region "RegionOne"
-  endpoint_adminurl api_endpoint.to_s
-  endpoint_internalurl api_endpoint.to_s
-  endpoint_publicurl api_endpoint.to_s
-  action :create_endpoint
-end
-

recipes/setup.rb

@@ -0,0 +1,68 @@
+#
+# Cookbook Name:: cinder
+# Recipe:: setup
+#
+# Copyright 2012, Rackspace US, Inc.
+# Copyright 2012, AT&T, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "cinder::common"
+
+class ::Chef::Recipe
+  include ::Openstack
+end
+
+identity_admin_endpoint = endpoint "identity-admin"
+keystone_service_role = node["cinder"]["keystone_service_chef_role"]
+keystone = get_settings_by_role keystone_service_role, "keystone"
+api_endpoint = endpoint "volume-api"
+
+execute "cinder-manage db sync" do
+  command "cinder-manage db sync"
+  action :run
+  not_if "cinder-manage db version && test $(cinder-manage db version) -gt 0"
+end
+
+keystone_register "Register Cinder Volume Service" do
+  auth_host identity_admin_endpoint.host
+  auth_port identity_admin_endpoint.port.to_s
+  auth_protocol identity_admin_endpoint.scheme
+  api_ver identity_admin_endpoint.path
+  auth_token keystone["admin_token"]
+  service_name "cinder"
+  service_type "volume"
+  service_description "Cinder Volume Service"
+  endpoint_region node["cinder"]["region"]
+  endpoint_adminurl api_endpoint.to_s
+  endpoint_internalurl api_endpoint.to_s
+  endpoint_publicurl api_endpoint.to_s
+  action :create_service
+end
+
+keystone_register "Register Cinder Volume Endpoint" do
+  auth_host identity_admin_endpoint.host
+  auth_port identity_admin_endpoint.port
+  auth_protocol identity_admin_endpoint.scheme
+  api_ver identity_admin_endpoint.path
+  auth_token keystone["admin_token"]
+  service_name "cinder"
+  service_type "volume"
+  service_description "Cinder Volume Service"
+  endpoint_region node["cinder"]["region"]
+  endpoint_adminurl api_endpoint.to_s
+  endpoint_internalurl api_endpoint.to_s
+  endpoint_publicurl api_endpoint.to_s
+  action :create_endpoint
+end

recipes/volume.rb

@@ -0,0 +1,55 @@
+#
+# Cookbook Name:: cinder
+# Recipe:: volume
+#
+# Copyright 2012, Rackspace US, Inc.
+# Copyright 2012, AT&T, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "cinder::common"
+
+platform_options = node["cinder"]["platform"]
+
+platform_options["cinder_volume_packages"].each do |pkg|
+  package pkg do
+    action :upgrade
+    options platform_options["package_overrides"]
+  end
+end
+
+platform_options["cinder_iscsitarget_packages"].each do |pkg|
+  package pkg do
+    action :upgrade
+    options platform_options["package_overrides"]
+  end
+end
+
+service "cinder-volume" do
+  service_name platform_options["cinder_volume_service"]
+  supports :status => true, :restart => true
+  action [ :enable, :start ]
+end
+
+service "iscsitarget" do
+  service_name platform_options["cinder_iscsitarget_service"]
+  supports :status => true, :restart => true
+  action :enable
+end
+
+template "/etc/tgt/targets.conf" do
+  source "targets.conf.erb"
+  mode 00600
+  notifies :restart, resources(:service => "iscsitarget"), :immediately
+end

templates/default/api-paste.ini.erb

@@ -3,51 +3,60 @@
 #############
 
 [composite:osapi_volume]
-use = call:cinder.api.openstack.urlmap:urlmap_factory
-/: osvolumeversions
+use = call:cinder.api:root_app_factory
+/: apiversions
 /v1: openstack_volume_api_v1
+/v2: openstack_volume_api_v2
 
 [composite:openstack_volume_api_v1]
-use = call:cinder.api.auth:pipeline_factory
-noauth = faultwrap sizelimit noauth osapi_volume_app_v1
-keystone = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
-keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
+use = call:cinder.api.middleware.auth:pipeline_factory
+noauth = faultwrap sizelimit noauth apiv1
+keystone = faultwrap sizelimit authtoken keystonecontext apiv1
+keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1
+
+[composite:openstack_volume_api_v2]
+use = call:cinder.api.middleware.auth:pipeline_factory
+noauth = faultwrap sizelimit noauth apiv2
+keystone = faultwrap sizelimit authtoken keystonecontext apiv2
+keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2
 
 [filter:faultwrap]
-paste.filter_factory = cinder.api.openstack:FaultWrapper.factory
+paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory
 
 [filter:noauth]
-paste.filter_factory = cinder.api.openstack.auth:NoAuthMiddleware.factory
+paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory
 
 [filter:sizelimit]
-paste.filter_factory = cinder.api.sizelimit:RequestBodySizeLimiter.factory
+paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory
 
-[app:osapi_volume_app_v1]
-paste.app_factory = cinder.api.openstack.volume:APIRouter.factory
+[app:apiv1]
+paste.app_factory = cinder.api.v1.router:APIRouter.factory
 
-[pipeline:osvolumeversions]
+[app:apiv2]
+paste.app_factory = cinder.api.v2.router:APIRouter.factory
+
+[pipeline:apiversions]
 pipeline = faultwrap osvolumeversionapp
 
 [app:osvolumeversionapp]
-paste.app_factory = cinder.api.openstack.volume.versions:Versions.factory
+paste.app_factory = cinder.api.versions:Versions.factory
 
 ##########
 # Shared #
 ##########
 
 [filter:keystonecontext]
-paste.filter_factory = cinder.api.auth:CinderKeystoneContext.factory
+paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory
 
 [filter:authtoken]
-paste.filter_factory = keystone.middleware.auth_token:filter_factory
-service_host = <%= @keystone_api_ipaddress %>
-service_port = <%= @keystone_service_port %>
-service_protocol = http
-auth_host = <%= @keystone_api_ipaddress %>
-auth_port = <%= @keystone_admin_port %>
-auth_protocol = http
-auth_uri = http://<%= @keystone_api_ipaddress %>:<%= @service_port %>/v2.0/
-admin_token = <%= @keystone_admin_token %>
-admin_tenant_name = <%= @service_tenant_name %>
-admin_user = <%= @service_user %>
-admin_password = <%= @service_pass %>
+paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
+service_host = <%= @identity_endpoint.host %>
+service_port = <%= @identity_endpoint.port %>
+service_protocol = <%= identity_endpoint.scheme %>
+auth_host = <%= @identity_admin_endpoint.host %>
+auth_port = <%= @identity_admin_endpoint.port %>
+auth_protocol = <%= @identity_admin_endpoint.scheme %>
+admin_tenant_name = <%= node["cinder"]["service_tenant_name"] %>
+admin_user = <%= node["cinder"]["service_user"] %>
+admin_password = <%= node["cinder"]["service_pass"] %>
+signing_dir = /var/lib/cinder

templates/default/cinder.conf.erb

@@ -1,18 +1,12 @@
-# This file autogenerated by Chef
-# Do not edit, changes will be overwritten
-<% if not node["custom_template_banner"].nil? %>
-<%= node["custom_template_banner"] %>
-<% end %>
-
-
+<%= node["cinder"]["custom_template_banner"] %>
 [DEFAULT]
 
 ######## defined in cinder.openstack.common.cfg:CommonConfigOpts ########
 
-debug=false
+debug=<%= node["cinder"]["debug"] %>
 #### (BoolOpt) Print debugging output
 
-verbose=True
+verbose=<%= node["cinder"]["verbose"] %>
 #### (BoolOpt) Print more verbose output
 
 # log_config=<None>
@@ -42,15 +36,10 @@ verbose=True
 
 # Send logs to syslog (/dev/log) instead of to file specified
 # by `log_file`
-use_syslog = <%= @use_syslog %>
+use_syslog = <%= node["cinder"]["syslog"]["use"] %>
 
-<% if @use_syslog == true %>
 # Facility to use. If unset defaults to LOG_USER.
-syslog_log_facility = <%= @log_facility %>
-<% else %>
-# syslog_log_facility = LOG_USER
-<% end %>
-
+syslog_log_facility = <%= node["cinder"]["syslog"]["facility"]%>
 
 ######## defined in cinder.flags ########
 
@@ -79,16 +68,16 @@ sql_connection=<%= @sql_connection %>
 # state_path=$pybasedir
 #### (StrOpt) Top-level directory for maintaining cinder's state
 
-my_ip=0.0.0.0
+my_ip=<%= node["ipaddress"] %>
 #### (StrOpt) ip address of this host
 
-glance_host=<%= @glance_api_ipaddress %>
+glance_host=<%= @glance_api_host %>
 #### (StrOpt) default glance hostname or ip
 
 glance_port=<%= @glance_service_port %>
 #### (IntOpt) default glance port
 
-glance_api_servers=$glance_host:$glance_port
+# glance_api_servers=$glance_host:$glance_port
 #### (ListOpt) A list of the glance api servers available to cinder
 ####           ([hostname|ip]:port)
 
@@ -101,7 +90,7 @@ glance_api_servers=$glance_host:$glance_port
 # volume_topic=cinder-volume
 #### (StrOpt) the topic volume nodes listen on
 
-# api_rate_limit=true
+api_rate_limit=<%= node["cinder"]["api"]["ratelimit"] %>
 #### (BoolOpt) whether to rate limit the api
 
 # osapi_volume_ext_list=
@@ -156,7 +145,7 @@ glance_api_servers=$glance_host:$glance_port
 #### (StrOpt) time period to generate volume usages for.  Time period must
 ####          be hour, day, month or year
 
-root_helper=cinder-rootwrap
+# root_helper=cinder-rootwrap
 #### (StrOpt) Deprecated: command to use for running commands as root
 
 rootwrap_config=/etc/cinder/rootwrap.conf
@@ -175,7 +164,7 @@ rootwrap_config=/etc/cinder/rootwrap.conf
 # volume_api_class=cinder.volume.api.API
 #### (StrOpt) The full class name of the volume API class to use
 
-# auth_strategy=noauth
+auth_strategy=keystone
 #### (StrOpt) The strategy to use for auth. Supports noauth, keystone, and
 ####          deprecated.
 
@@ -380,10 +369,10 @@ db_backend=sqlalchemy
 # kombu_ssl_ca_certs=
 #### (StrOpt) SSL certification authority file (valid only if SSL enabled)
 
-# rabbit_host=localhost
+rabbit_host=<%= @rabbit_host %>
 #### (StrOpt) The RabbitMQ broker address where a single node is used
 
-# rabbit_port=5672
+rabbit_port=<%= @rabbit_port %>
 #### (IntOpt) The RabbitMQ broker port where a single node is used
 
 # rabbit_hosts=$rabbit_host:$rabbit_port
@@ -820,5 +809,5 @@ db_backend=sqlalchemy
 # zadara_vpsa_allow_nonexistent_delete=true
 #### (BoolOpt) Don't halt on deletion of non-existing volumes
 
-
-# Total option count: 219
+[keystone_authtoken]
+signing_dirname = /tmp/keystone-signing-cinder

templates/default/paste-api.ini.erb

@@ -1,51 +0,0 @@
-#############
-# Openstack #
-#############
-
-[composite:osapi_volume]
-use = call:cinder.api.openstack.urlmap:urlmap_factory
-/: osvolumeversions
-/v1: openstack_volume_api_v1
-
-[composite:openstack_volume_api_v1]
-use = call:cinder.api.auth:pipeline_factory
-noauth = faultwrap sizelimit noauth osapi_volume_app_v1
-keystone = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
-keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
-
-[filter:faultwrap]
-paste.filter_factory = cinder.api.openstack:FaultWrapper.factory
-
-[filter:noauth]
-paste.filter_factory = cinder.api.openstack.auth:NoAuthMiddleware.factory
-
-[filter:sizelimit]
-paste.filter_factory = cinder.api.sizelimit:RequestBodySizeLimiter.factory
-
-[app:osapi_volume_app_v1]
-paste.app_factory = cinder.api.openstack.volume:APIRouter.factory
-
-[pipeline:osvolumeversions]
-pipeline = faultwrap osvolumeversionapp
-
-[app:osvolumeversionapp]
-paste.app_factory = cinder.api.openstack.volume.versions:Versions.factory
-
-##########
-# Shared #
-##########
-
-[filter:keystonecontext]
-paste.filter_factory = cinder.api.auth:CinderKeystoneContext.factory
-
-[filter:authtoken]
-paste.filter_factory = keystone.middleware.auth_token:filter_factory
-service_protocol = http
-service_host = 127.0.0.1
-service_port = 5000
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-admin_tenant_name = %SERVICE_TENANT_NAME%
-admin_user = %SERVICE_USER%
-admin_password = %SERVICE_PASSWORD%

templates/default/targets.conf.erb

@@ -0,0 +1,7 @@
+<% if %w{redhat centos fedora}.include?(node["platform"]) %>
+include /var/lib/cinder/volumes/*
+<% end %>
+<% if %w{debian ubuntu}.include?(node["platform"]) %>
+include /etc/tgt/conf.d/*.conf
+<% end %>
+default-driver iscsi