From 643fcb2f30945b54da100c0e8ed7e9773718df4c Mon Sep 17 00:00:00 2001 From: Jan Klare Date: Fri, 22 Apr 2016 10:15:19 -0500 Subject: [PATCH] update the README after refactoring and align it with other cookbooks Change-Id: I5cb6fe4e0e63c042250dfaa11a9b0563f7f15a99 --- README.md | 281 ++++++++++++++++------------------------------------ metadata.rb | 5 - 2 files changed, 87 insertions(+), 199 deletions(-) diff --git a/README.md b/README.md index 1cc143e..ce272c8 100644 --- a/README.md +++ b/README.md @@ -1,49 +1,78 @@ Description =========== -This cookbook installs the OpenStack Image service **Glance** as part of an OpenStack reference deployment Chef for OpenStack. The http://github.com/mattray/chef-openstack-repo contains documentation for using this cookbook in the context of a full OpenStack deployment. Glance is installed from packages, optionally populating the repository with default images. +This cookbook installs the OpenStack Image service **Glance** as part of an +OpenStack reference deployment Chef for OpenStack. The +https://github.com/openstack/openstack-chef-repo contains documentation for using +this cookbook in the context of a full OpenStack deployment. Glance is installed +from packages, optionally populating the repository with default images. -http://glance.openstack.org/ +http://docs.openstack.org/mitaka/config-reference/image-service.html Requirements ============ -Chef 0.10.0 or higher required (for Chef environment use). +- Chef 12 or higher +- chefdk 0.9.0 for testing (also includes berkshelf for cookbook dependency + resolution) + +Platform +======== + +- ubuntu +- redhat +- centos Cookbooks ---------- +========= The following cookbooks are dependencies: -* openstack-common -* openstack-identity +- 'openstack-common', '>= 13.0.0' +- 'openstack-identity', '>= 13.0.0' -Usage -===== +Attributes +========== -api ------- +Please see the extensive inline documentation in `attributes/*.rb` for +descriptions of all the settable attributes for this cookbook. + +Note that all attributes are in the `default['openstack']` "namespace" + +The usage of attributes to generate the glance-api.conf glance-registry.conf is +decribed in the openstack-common cookbook. + +Recipes +======= + +## openstack-image::api - Installs the glance-api server -client ----- +## openstack-image::client - Install the glance client packages -registry --------- -- Installs the glance-registry server - -keystone-registration ---------------------- +## openstack-image::identityr_registration - Registers the API endpoint and glance service Keystone user -image-upload ------------- -- Upload image to glance. If you want to upload image during openstack installation, you need to add this recipe or the os-image role to the run list in a certain role and ensure before this recipe or the os-image role glance api and glance registry recipes have been executed. +## openstack-image::registry +- Installs the glance-registry server -The Glance cookbook currently supports file, swift, and Rackspace Cloud Files (swift API compliant) backing stores. NOTE: changing the storage location from cloudfiles to swift (and vice versa) requires that you manually export and import your stored images. +## openstack-image::image-upload +- Upload image to glance. If you want to upload image during openstack + installation, you need to add this recipe or the os-image role to the run list + in a certain role and ensure before this recipe or the os-image role glance api + and glance registry recipes have been executed. -To enable these features set the following in the default attributes section in your environment: +Glance Backend +============== + +The Glance cookbook currently supports file, swift, and Rackspace Cloud Files +(swift API compliant) backing stores. NOTE: changing the storage location from +cloudfiles to swift (and vice versa) requires that you manually export and +import your stored images. + +To enable these features set the following in the default attributes section in +your environment: Files ----- @@ -87,186 +116,50 @@ Action: `:upload` - `:image_url`: Location of the image to be loaded into Glance. - `:image_name`: A name for the image. -- `:image_type`: `unknown`, `qcow`, `ami`, `vhd`, `vmdk`, `vdi`, `iso`, `raw`. Defaults of `unknown` will use file extension '.gz', '.tgz' = ami, '.qcow2', '.img' = qcow. +- `:image_type`: `unknown`, `qcow`, `ami`, `vhd`, `vmdk`, `vdi`, `iso`, `raw`. + Defaults of `unknown` will use file extension '.gz', '.tgz' = ami, '.qcow2', + '.img' = qcow. - `:identity_user`: Username of the Keystone admin user. - `:identity_pass`: Password for the Keystone admin user. - `:identity_tenant`: Name of the Keystone admin user's tenant. - `:identity_uri`: URI of the Identity API endpoint. -For testing this provider with ChefSpec, a custom matcher was added to `libraries/matchers.rb`. - -Attributes -========== - -Attributes for the Image service are in the ['openstack']['image'] namespace. - -* `openstack['image']['verbose']` - Enables/disables verbose output for glance services. -* `openstack['image']['debug']` - Enables/disables debug output for glance services. -* `openstack['image']['identity_service_chef_role']` - The name of the Chef role that installs the Keystone Service API -* `openstack['image']['user'] - User glance runs as -* `openstack['image']['group'] - Group glance runs as -* `openstack['image']['db']['username']` - Username for glance database access -* `openstack['image']['api']['adminURL']` - Used when registering image endpoint with keystone -* `openstack['image']['api']['internalURL']` - Used when registering image endpoint with keystone -* `openstack['image']['api']['publicURL']` - Used when registering image endpoint with keystone -* `openstack['image']['service_tenant_name']` - Tenant name used by glance when interacting with keystone - used in the API and registry paste.ini files -* `openstack['image']['service_user']` - User name used by glance when interacting with keystone - used in the API and registry paste.ini files -* `openstack['image']['service_role']` - User role used by glance when interacting with keystone - used in the API and registry paste.ini files -* `openstack['image']['notification_driver']` - Notification driver, default noop. -* `openstack['image']['filesystem_store_metadata_file']` - A path to a JSON file that contains metadata describing the storage system. -* `openstack['image']['filesystem_store_metadata_id']` - The unique id for the filesystem store the images. -* `openstack['image']['filesystem_store_metadata_mountpoint']` - The mount point for the filesystem store the images; -* `openstack['image']['api']['workers']` - Set the number of glance api workers. -* `openstack['image']['api']['show_image_direct_url']` - Allow glance to return URL referencing where data is stored on the backend. Default 'False' -* `openstack['image']['api']['container_formats']` - Supported container formats for glance. -* `openstack['image']['api']['disk_formats']` - Supported disk formats for glance. -* `openstack['image']['api']['auth']['cache_dir']` - Defaults to `/var/cache/glance/api`. Directory where `auth_token` middleware writes certificates for glance-api -* `openstack['image']['registry']['auth']['cache_dir']` - Defaults to `/var/cache/glance/registry`. Directory where `auth_token` middleware writes certificates for glance-registry -* `openstack['image']['api']['auth']['memcached_servers']` - A list of memcached server(s) to use for caching -* `openstack['image']['registry']['auth']['memcached_servers']` - A list of memcached server(s) to use for caching -* `openstack['image']['api']['auth']['memcache_security_strategy']` - Whether token data should be authenticated or authenticated and encrypted. Acceptable values are MAC or ENCRYPT -* `openstack['image']['registry']['auth']['memcache_security_strategy']` - Whether token data should be authenticated or authenticated and encrypted. Acceptable values are MAC or ENCRYPT -* `openstack['image']['api']['auth']['memcache_secret_key']` - This string is used for key derivation -* `openstack['image']['registry']['auth']['memcache_secret_key']` - This string is used for key derivation -* `openstack['image']['api']['auth']['hash_algorithms']` - Hash algorithms to use for hashing PKI tokens -* `openstack['image']['registry']['auth']['hash_algorithms']` - Hash algorithms to use for hashing PKI tokens -* `openstack['image']['api']['auth']['cafile']` - A PEM encoded Certificate Authority to use when verifying HTTPs connections. -* `openstack['image']['registry']['auth']['cafile']` - A PEM encoded Certificate Authority to use when verifying HTTPs connections -* `openstack['image']['api']['auth']['insecure']` - Set whether to verify HTTPS connections -* `openstack['image']['registry']['auth']['insecure']` - Set whether to verify HTTPS connections -* `openstack['image']['upload_images']` - Default list of images to upload to the glance repository as part of the install -* `openstack['image']['upload_image']['']` - URL location of the `` image. There can be multiple instances of this line to define multiple imagess (eg natty, maverick, fedora17 etc) ---- example `openstack['image']['upload_image']['natty']` - "http://c250663.r63.cf1.rackcdn.com/ubuntu-11.04-server-uec-amd64-multinic.tar.gz" -* `openstack['image']['api']['default_store']` - Toggles the backend storage type. Currently supported is "file", "swift" and "rbd". -* `openstack['image']['api']['stores']` - List of which store classes and store class locations are currently known to glance at startup -* `openstack['image']['api']['block-storage']['cinder_catalog_info']` - Info to match when looking for cinder in the service catalog -* `openstack['image']['api']['block-storage']['cinder_api_insecure']` - Allow to perform insecure SSL requests to cinder (boolean value) -* `openstack['image']['api']['block-storage']['cinder_ca_certificates_file']` - Location of ca certicates file to use for cinder client requests -* `openstack['image']['api']['swift']['store_container']` - Set the container used by glance to store images and snapshots. Defaults to "glance" -* `openstack['image']['api']['swift']['store_large_object_size']` - Set the size at which glance starts to chunnk files. Defaults to "200" MB -* `openstack['image']['api']['swift']['store_large_object_chunk_size']` - Set the chunk size for glance. Defaults to "200" MB -* `openstack['image']['api']['swift']['enable_snet']` - Set whether to use ServiceNET to communicate with the Swift Storage servers. (Rackspace specific option) -* `openstack['image']['api']['swift']['store_region']` - The region of the swift endpoint to be used for single tenant. This setting is only necessary if the tenant has multiple swift endpoints. -* `openstack['image']['api']['rbd']['rbd_store_ceph_conf']` - Default location of ceph.conf -* `openstack['image']['api']['rbd']['rbd_store_user']` - User for connecting to ceph store -* `openstack['image']['api']['rbd']['rbd_store_pool']` - RADOS pool for images -* `openstack['image']['api']['rbd']['rbd_store_chunk_size']` - Size in MB of chunks for RADOS Store, should be a power of 2 -* `openstack['image']['api']['rbd']['key_name']` - The data bag item name used for the Cephx key of the rbd_store_user. -* `openstack['image']['cron']['redirection']` - Redirection of cron output -TODO: Add DB2 support on other platforms - -SSL attributes ---------------- - -Once SSL is enabled, endpoints attributes in Common need to updated to specify the https protocol. - -* `openstack['image']['ssl']['enabled']` - Enable SSL for Glance API and registry bind endpoints. Default is false. -* `openstack['image']['ssl']['api']['enabled']` - Enable SSL for Glance API bind endpoint. Default is from ['image']['ssl']['enabled']. -* `openstack['image']['ssl']['registry']['enabled']` - Enable SSL for Glance Registry bind endpoint. Default is from ['image']['ssl']['enabled']. -* `openstack['image']['ssl']['basedir']` - Base directory for SSL certficate and key file. -* `openstack['image']['ssl']['cert_file']` - Path of the cert file for SSL. -* `openstack['image']['ssl']['key_file']` - Path of the keyfile for SSL. -* `openstack['image']['ssl']['cert_required']` - Client certificate required. Default is False. -* `openstack['image']['ssl']['ca_file']` - Path of the CA cert file - -VMWare attributes ------------------ - -* `openstack['image']['api']['vmware']['secret_name']` - VMware databag secret name -* `openstack['image']['api']['vmware']['vmware_server_host']` - ESX/ESXi or vCenter Server target system. e.g. 127.0.0.1, 127.0.0.1:443, www.vmware-infra.com -* `openstack['image']['api']['vmware']['vmware_server_username']` - Server username (string value) -* `openstack['image']['api']['vmware']['vmware_datacenter_path']` - Inventory path to a datacenter (string value) -* `openstack['image']['api']['vmware']['vmware_datastore_name']` - Datastore associated with the datacenter (string value) -* `openstack['image']['api']['vmware']['vmware_api_retry_count']` - The number of times we retry on failures (integer value) -* `openstack['image']['api']['vmware']['vmware_task_poll_interval']` - The interval used for polling remote tasks invoked on VMware ESX/VC server in seconds (integer value) -* `openstack['image']['api']['vmware']['vmware_store_image_dir']` - Absolute path of the folder containing the images in the datastore (string value) -* `openstack['image']['api']['vmware']['vmware_api_insecure']` - Allow to perform insecure SSL requests to the target system (boolean value) - -MQ attributes -------------- - -* `openstack['image']['mq']['service_type']` - Select qpid or rabbitmq. default rabbitmq -* `openstack['image']['mq']['qpid']['host']` - The qpid host to use -* `openstack['image']['mq']['qpid']['port']` - The qpid port to use -* `openstack['image']['mq']['qpid']['qpid_hosts']` - Qpid hosts. TODO. use only when ha is specified. -* `openstack['image']['mq']['qpid']['username']` - Username for qpid connection -* `openstack['image']['mq']['qpid']['password']` - Password for qpid connection -* `openstack['image']['mq']['qpid']['sasl_mechanisms']` - Space separated list of SASL mechanisms to use for auth -* `openstack['image']['mq']['qpid']['reconnect_timeout']` - The number of seconds to wait before deciding that a reconnect attempt has failed. -* `openstack['image']['mq']['qpid']['reconnect_limit']` - The limit for the number of times to reconnect before considering the connection to be failed. -* `openstack['image']['mq']['qpid']['reconnect_interval_min']` - Minimum number of seconds between connection attempts. -* `openstack['image']['mq']['qpid']['reconnect_interval_max']` - Maximum number of seconds between connection attempts. -* `openstack['image']['mq']['qpid']['reconnect_interval']` - Equivalent to setting qpid_reconnect_interval_min and qpid_reconnect_interval_max to the same value. -* `openstack['image']['mq']['qpid']['heartbeat']` - Seconds between heartbeat messages sent to ensure that the connection is still alive. -* `openstack['image']['mq']['qpid']['protocol']` - Protocol to use. Default tcp. -* `openstack['image']['mq']['qpid']['tcp_nodelay']` - Disable the Nagle algorithm. default disabled. - -Messaging Common attributes ---------------------------- - -* `openstack['image']["control_exchange"]` - The AMQP exchange to connect to if using RabbitMQ or Qpid, defaults to openstack -* `openstack['image']['rpc_backend']` - The messaging module to use -* `openstack['image']['rpc_thread_pool_size']` - Size of RPC thread pool -* `openstack['image']['rpc_conn_pool_size']` - Size of RPC connection pool -* `openstack['image']['rpc_response_timeout']` - Seconds to wait for a response from call or multicall - -The following attributes are defined in attributes/default.rb of the common cookbook, but are documented here due to their relevance: - -* `openstack['endpoints']['image-api-bind']['host']` - The IP address to bind the api service to -* `openstack['endpoints']['image-api-bind']['port']` - The port to bind the api service to -* `openstack['endpoints']['image-api-bind']['bind_interface']` - The interface name to bind the api service to - -* `openstack['endpoints']['image-registry-bind']['host']` - The IP address to bind the registry service to -* `openstack['endpoints']['image-registry-bind']['port']` - The port to bind the registry service to -* `openstack['endpoints']['image-registry-bind']['bind_interface']` - The interface name to bind the registry service to - -If the value of the 'bind_interface' attribute is non-nil, then the image service will be bound to the first IP address on that interface. If the value of the 'bind_interface' attribute is nil, then the image service will be bound to the IP address specified in the host attribute. - -Testing -===== - -Please refer to the [TESTING.md](TESTING.md) for instructions for testing the cookbook. - -Berkshelf -===== - -Berks will resolve version requirements and dependencies on first run and -store these in Berksfile.lock. If new cookbooks become available you can run -`berks update` to update the references in Berksfile.lock. Berksfile.lock will -be included in stable branches to provide a known good set of dependencies. -Berksfile.lock will not be included in development branches to encourage -development against the latest cookbooks. +For testing this provider with ChefSpec, a custom matcher was added to +`libraries/matchers.rb`. License and Author ================== -Author:: Justin Shepherd () -Author:: Jason Cannavale () -Author:: Ron Pedde () -Author:: Joseph Breu () -Author:: William Kelly () -Author:: Darren Birkett () -Author:: Evan Callicoat () -Author:: Matt Ray () -Author:: Jay Pipes () -Author:: John Dewey () -Author:: Craig Tracey () -Author:: Sean Gallagher () -Author:: Mark Vanderwiel () -Author:: Salman Baset () -Author:: Chen Zhiwei (zhiwchen@cn.ibm.com) -Author:: Eric Zhou (zyouzhou@cn.ibm.com) -Author:: Jian Hua Geng (gengjh@cn.ibm.com) -Author:: Ionut Artarisi (iartarisi@suse.cz) -Author:: Imtiaz Chowdhury () -Author:: Jan Klare (j.klare@x-ion.de) - -Copyright 2012, Rackspace US, Inc. -Copyright 2012-2013, Opscode, Inc. -Copyright 2012-2013, AT&T Services, Inc. -Copyright 2013, Craig Tracey -Copyright 2013-2014, IBM Corp. -Copyright 2014, SUSE Linux, GmbH. +| | | +|:---------------------|:---------------------------------------------------| +| **Author** | Justin Shepherd () | +| **Author** | Jason Cannavale () | +| **Author** | Ron Pedde () | +| **Author** | Joseph Breu () | +| **Author** | William Kelly () | +| **Author** | Darren Birkett () | +| **Author** | Evan Callicoat () | +| **Author** | Matt Ray () | +| **Author** | Jay Pipes () | +| **Author** | John Dewey () | +| **Author** | Craig Tracey () | +| **Author** | Sean Gallagher () | +| **Author** | Mark Vanderwiel () | +| **Author** | Salman Baset () | +| **Author** | Chen Zhiwei () | +| **Author** | Eric Zhou () | +| **Author** | Jian Hua Geng () | +| **Author** | Ionut Artarisi () | +| **Author** | Imtiaz Chowdhury () | +| **Author** | Jan Klare () | +| **Author** | Christoph Albers () | +| | | +| **Copyright** | Copyright (c) 2012, Rackspace US, Inc. | +| **Copyright** | Copyright (c) 2012-2013, Opscode, Inc. | +| **Copyright** | Copyright (c) 2012-2013, AT&T Services, Inc. | +| **Copyright** | Copyright (c) 2013, Craig Tracey | +| **Copyright** | Copyright (c) 2013-2014, IBM Corp. | +| **Copyright** | Copyright (c) 2014, SUSE Linux, GmbH. | Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/metadata.rb b/metadata.rb index efe1b06..a617dfd 100644 --- a/metadata.rb +++ b/metadata.rb @@ -5,11 +5,6 @@ license 'Apache 2.0' description 'Installs and configures the Glance Image Registry and Delivery Service' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version '13.0.0' -recipe 'openstack-image::api', 'Installs packages required for a glance api server' -recipe 'openstack-image::client', 'Install packages required for glance client' -recipe 'openstack-image::registry', 'Installs packages required for a glance registry server' -recipe 'openstack-image::identity_registration', 'Registers Glance endpoints and service with Keystone' -recipe 'openstack-image::image_upload', 'Upload image using glance image-create command' %w(ubuntu redhat centos).each do |os| supports os