Configure container_sync swift middleware
Add ability to configure container_sync proxy and related configs, which are required for proper container synchronization. Also fix swift noop tests. Change-Id: I34a6c2347273f4ecd82dacfeed8d0e9e16ecd5c1 Closes-bug: #1555015
This commit is contained in:
parent
14abded111
commit
b37478008e
|
@ -12,6 +12,7 @@ class openstack_tasks::swift::parts::proxy (
|
||||||
'crossdomain',
|
'crossdomain',
|
||||||
'healthcheck',
|
'healthcheck',
|
||||||
'cache',
|
'cache',
|
||||||
|
'container_sync',
|
||||||
'bulk',
|
'bulk',
|
||||||
'tempurl',
|
'tempurl',
|
||||||
'ratelimit',
|
'ratelimit',
|
||||||
|
@ -119,7 +120,7 @@ class openstack_tasks::swift::parts::proxy (
|
||||||
class { ['::swift::proxy::catch_errors', '::swift::proxy::crossdomain', '::swift::proxy::healthcheck',
|
class { ['::swift::proxy::catch_errors', '::swift::proxy::crossdomain', '::swift::proxy::healthcheck',
|
||||||
'::swift::proxy::bulk', '::swift::proxy::tempurl', '::swift::proxy::formpost', '::swift::proxy::swift3',
|
'::swift::proxy::bulk', '::swift::proxy::tempurl', '::swift::proxy::formpost', '::swift::proxy::swift3',
|
||||||
'::swift::proxy::staticweb', '::swift::proxy::container_quotas', '::swift::proxy::account_quotas',
|
'::swift::proxy::staticweb', '::swift::proxy::container_quotas', '::swift::proxy::account_quotas',
|
||||||
'::swift::proxy::slo',]:
|
'::swift::proxy::slo', '::swift::proxy::container_sync']:
|
||||||
}
|
}
|
||||||
|
|
||||||
$cache_addresses = join(suffix($swift_proxies_cache, ":${cache_server_port}"), ',')
|
$cache_addresses = join(suffix($swift_proxies_cache, ":${cache_server_port}"), ',')
|
||||||
|
|
|
@ -16,6 +16,7 @@ class openstack_tasks::swift::proxy_storage {
|
||||||
$proxy_port = hiera('proxy_port', '8080')
|
$proxy_port = hiera('proxy_port', '8080')
|
||||||
$storage_hash = hiera_hash('storage')
|
$storage_hash = hiera_hash('storage')
|
||||||
$management_vip = hiera('management_vip')
|
$management_vip = hiera('management_vip')
|
||||||
|
$public_ssl_hash = hiera_hash('public_ssl')
|
||||||
$swift_api_ipaddr = get_network_role_property('swift/api', 'ipaddr')
|
$swift_api_ipaddr = get_network_role_property('swift/api', 'ipaddr')
|
||||||
$swift_storage_ipaddr = get_network_role_property('swift/replication', 'ipaddr')
|
$swift_storage_ipaddr = get_network_role_property('swift/replication', 'ipaddr')
|
||||||
$debug = pick($swift_hash['debug'], hiera('debug', false))
|
$debug = pick($swift_hash['debug'], hiera('debug', false))
|
||||||
|
@ -24,6 +25,7 @@ class openstack_tasks::swift::proxy_storage {
|
||||||
$ring_part_power = pick($swift_hash['ring_part_power'], 10)
|
$ring_part_power = pick($swift_hash['ring_part_power'], 10)
|
||||||
$ring_min_part_hours = hiera('swift_ring_min_part_hours', 1)
|
$ring_min_part_hours = hiera('swift_ring_min_part_hours', 1)
|
||||||
$deploy_swift_proxy = hiera('deploy_swift_proxy', true)
|
$deploy_swift_proxy = hiera('deploy_swift_proxy', true)
|
||||||
|
$swift_realm1_key = hiera('swift_realm1_key', 'realm1key')
|
||||||
#Keystone settings
|
#Keystone settings
|
||||||
$keystone_user = pick($swift_hash['user'], 'swift')
|
$keystone_user = pick($swift_hash['user'], 'swift')
|
||||||
$keystone_password = pick($swift_hash['user_password'], 'passsword')
|
$keystone_password = pick($swift_hash['user_password'], 'passsword')
|
||||||
|
@ -45,8 +47,10 @@ class openstack_tasks::swift::proxy_storage {
|
||||||
$auth_uri = "${internal_auth_protocol}://${internal_auth_address}:5000/"
|
$auth_uri = "${internal_auth_protocol}://${internal_auth_address}:5000/"
|
||||||
$identity_uri = "${admin_auth_protocol}://${admin_auth_address}:35357/"
|
$identity_uri = "${admin_auth_protocol}://${admin_auth_address}:35357/"
|
||||||
|
|
||||||
$swift_internal_protocol = get_ssl_property($ssl_hash, {}, 'swift', 'internal', 'protocol', 'http')
|
$swift_internal_protocol = get_ssl_property($ssl_hash, {}, 'swift', 'internal', 'protocol', 'http')
|
||||||
$swift_internal_address = get_ssl_property($ssl_hash, {}, 'swift', 'internal', 'hostname', [$swift_api_ipaddr, $management_vip])
|
$swift_internal_address = get_ssl_property($ssl_hash, {}, 'swift', 'internal', 'hostname', [$swift_api_ipaddr, $management_vip])
|
||||||
|
$swift_public_protocol = get_ssl_property($ssl_hash, $public_ssl_hash, 'swift', 'public', 'protocol', 'http')
|
||||||
|
$swift_public_address = get_ssl_property($ssl_hash, $public_ssl_hash, 'swift', 'public', 'hostname', [hiera('public_vip')])
|
||||||
|
|
||||||
$swift_proxies_num = size(hiera('swift_proxies'))
|
$swift_proxies_num = size(hiera('swift_proxies'))
|
||||||
|
|
||||||
|
@ -173,5 +177,16 @@ class openstack_tasks::swift::proxy_storage {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# swift_container_sync_realms file specifying
|
||||||
|
# the allowable clusters and their information.
|
||||||
|
# Changes in this file don't require restart services.
|
||||||
|
# This config should be present on proxy and containers nodes.
|
||||||
|
if $deploy_swift_storage or $deploy_swift_proxy {
|
||||||
|
swift_container_sync_realms_config {
|
||||||
|
'realm1/key': value => $swift_realm1_key;
|
||||||
|
'realm1/cluster_name1': value => "${swift_public_protocol}://${swift_public_address}:8080/v1";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,11 +17,13 @@ describe manifest do
|
||||||
memcached_addresses = Noop.hiera 'memcached_addresses'
|
memcached_addresses = Noop.hiera 'memcached_addresses'
|
||||||
memcached_port = Noop.hiera 'memcache_server_port', '11211'
|
memcached_port = Noop.hiera 'memcache_server_port', '11211'
|
||||||
memcached_servers = memcached_addresses.map{ |n| n = n + ':' + memcached_port }
|
memcached_servers = memcached_addresses.map{ |n| n = n + ':' + memcached_port }
|
||||||
|
management_vip = Noop.hiera('management_vip')
|
||||||
|
|
||||||
swift_operator_roles = storage_hash.fetch('swift_operator_roles', ['admin', 'SwiftOperator', '_member_'])
|
swift_operator_roles = storage_hash.fetch('swift_operator_roles', ['admin', 'SwiftOperator', '_member_'])
|
||||||
ring_part_power = swift_hash.fetch('ring_part_power', 10)
|
ring_part_power = swift_hash.fetch('ring_part_power', 10)
|
||||||
ring_min_part_hours = Noop.hiera 'swift_ring_min_part_hours', 1
|
ring_min_part_hours = Noop.hiera 'swift_ring_min_part_hours', 1
|
||||||
deploy_swift_proxy = Noop.hiera('deploy_swift_proxy')
|
deploy_swift_proxy = Noop.hiera('deploy_swift_proxy', true)
|
||||||
|
deploy_swift_storage = Noop.hiera('deploy_swift_storage', true)
|
||||||
swift_proxies_num = (Noop.hiera('swift_proxies')).size
|
swift_proxies_num = (Noop.hiera('swift_proxies')).size
|
||||||
rabbit_hosts = Noop.hiera('amqp_hosts')
|
rabbit_hosts = Noop.hiera('amqp_hosts')
|
||||||
rabbit_user = Noop.hiera_structure('rabbit/user', 'nova')
|
rabbit_user = Noop.hiera_structure('rabbit/user', 'nova')
|
||||||
|
@ -48,7 +50,9 @@ describe manifest do
|
||||||
Noop.puppet_function 'has_ip_in_network', internal_virtual_ip, api_net
|
Noop.puppet_function 'has_ip_in_network', internal_virtual_ip, api_net
|
||||||
}
|
}
|
||||||
|
|
||||||
let(:ssl_hash) { Noop.hiera_hash 'use_ssl' }
|
let(:ssl_hash) { Noop.hiera_hash 'use_ssl', {} }
|
||||||
|
|
||||||
|
let(:public_ssl_hash) { Noop.hiera_hash 'public_ssl', {} }
|
||||||
|
|
||||||
let(:internal_auth_protocol) { Noop.puppet_function 'get_ssl_property',ssl_hash,{},'keystone','internal','protocol','http' }
|
let(:internal_auth_protocol) { Noop.puppet_function 'get_ssl_property',ssl_hash,{},'keystone','internal','protocol','http' }
|
||||||
|
|
||||||
|
@ -66,6 +70,8 @@ describe manifest do
|
||||||
let(:swift_api_ipaddr) { Noop.puppet_function 'get_network_role_property', 'swift/api', 'ipaddr' }
|
let(:swift_api_ipaddr) { Noop.puppet_function 'get_network_role_property', 'swift/api', 'ipaddr' }
|
||||||
let(:swift_internal_protocol) { Noop.puppet_function 'get_ssl_property',ssl_hash,{},'swift','internal','protocol','http' }
|
let(:swift_internal_protocol) { Noop.puppet_function 'get_ssl_property',ssl_hash,{},'swift','internal','protocol','http' }
|
||||||
let(:swift_interal_address) { Noop.puppet_function 'get_ssl_property',ssl_hash,{},'swift','internal','hostname',[swift_api_ipaddr, management_vip] }
|
let(:swift_interal_address) { Noop.puppet_function 'get_ssl_property',ssl_hash,{},'swift','internal','hostname',[swift_api_ipaddr, management_vip] }
|
||||||
|
let(:swift_public_protocol) { Noop.puppet_function 'get_ssl_property',ssl_hash,public_ssl_hash,'swift','public','protocol','http' }
|
||||||
|
let(:swift_public_address) { Noop.puppet_function 'get_ssl_property',ssl_hash,public_ssl_hash,'swift','public','hostname',[Noop.hiera('public_vip')] }
|
||||||
|
|
||||||
# Swift
|
# Swift
|
||||||
if !(storage_hash['images_ceph'] and storage_hash['objects_ceph']) and !storage_hash['images_vcenter']
|
if !(storage_hash['images_ceph'] and storage_hash['objects_ceph']) and !storage_hash['images_vcenter']
|
||||||
|
@ -145,61 +151,75 @@ describe manifest do
|
||||||
'group' => 'swift',
|
'group' => 'swift',
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
|
||||||
|
|
||||||
if deploy_swift_proxy
|
if deploy_swift_proxy
|
||||||
it 'should configure proxy workers' do
|
it 'should configure proxy workers' do
|
||||||
fallback_workers = [[facts[:processorcount].to_i, 2].max, workers_max.to_i].min
|
fallback_workers = [[facts[:processorcount].to_i, 2].max, workers_max.to_i].min
|
||||||
workers = swift_hash.fetch('workers', fallback_workers)
|
workers = swift_hash.fetch('workers', fallback_workers)
|
||||||
should contain_class('swift::proxy').with(
|
should contain_class('swift::proxy').with(
|
||||||
'workers' => workers)
|
'workers' => workers)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should declare swift::proxy class with 4 processess on 4 CPU & 32G system' do
|
it 'should declare swift::proxy class with 4 processess on 4 CPU & 32G system' do
|
||||||
should contain_class('swift::proxy').with(
|
should contain_class('swift::proxy').with(
|
||||||
'workers' => '4',
|
'workers' => '4',
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should contain rabbit params' do
|
it 'should contain rabbit params' do
|
||||||
should contain_class('openstack::swift::proxy').with(
|
should contain_class('openstack_tasks::swift::parts::proxy').with(
|
||||||
:rabbit_user => rabbit_user,
|
:rabbit_user => rabbit_user,
|
||||||
:rabbit_password => rabbit_password,
|
:rabbit_password => rabbit_password,
|
||||||
:rabbit_hosts => rabbit_hosts.split(', '),
|
:rabbit_hosts => rabbit_hosts.split(', '),
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should configure health check service correctly' do
|
it 'should configure health check service correctly' do
|
||||||
if !bind_to_one
|
if !bind_to_one
|
||||||
should_not contain_class('openstack::swift:status').with(
|
should_not contain_class('openstack_tasks::swift:::partsstatus').with(
|
||||||
:endpoint => "#{swift_internal_protocol}://#{swift_internal_address}:#{proxy_port}",
|
:endpoint => "#{swift_internal_protocol}://#{swift_internal_address}:#{proxy_port}",
|
||||||
:scan_target => "#{internal_auth_address}:5000",
|
:scan_target => "#{internal_auth_address}:5000",
|
||||||
:only_from => "127.0.0.1 240.0.0.2 #{storage_nets} #{mgmt_nets}",
|
:only_from => "127.0.0.1 240.0.0.2 #{storage_nets} #{mgmt_nets}",
|
||||||
:con_timeout => 5
|
:con_timeout => 5
|
||||||
).that_comes_before('Class[swift::dispersion]')
|
).that_comes_before('Class[swift::dispersion]')
|
||||||
else
|
else
|
||||||
should_not contain_class('openstack::swift:status')
|
should_not contain_class('openstack_tasks::swift::parts:status')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should contain valid auth uris' do
|
||||||
|
should contain_class('swift::proxy::authtoken').with(
|
||||||
|
'auth_uri' => auth_uri,
|
||||||
|
'identity_uri' => identity_uri,
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should contain container_sync class' do
|
||||||
|
should contain_class('swift::proxy::container_sync')
|
||||||
|
end
|
||||||
|
|
||||||
|
if role == 'primary-controller'
|
||||||
|
it 'should contain swift backups section in rsync conf' do
|
||||||
|
should contain rsync__server__module('swift_backups').with(
|
||||||
|
'path' => '/etc/swift/backups',
|
||||||
|
'lock_file' => '/var/lock/swift_backups.lock',
|
||||||
|
'uid' => 'swift',
|
||||||
|
'gid' => 'swift',
|
||||||
|
'incoming_chmod' => false,
|
||||||
|
'outgoing_chmod' => false,
|
||||||
|
'max_connections' => '5',
|
||||||
|
'read_only' => true,
|
||||||
|
)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should contain valid auth uris' do
|
if deploy_swift_proxy or deploy_swift_storage
|
||||||
should contain_class('swift::proxy::authtoken').with(
|
realm1_key = Noop.hiera('swift_realm1_key', 'realm1key')
|
||||||
'auth_uri' => auth_uri,
|
it 'should contain swift_container-sync-realms config' do
|
||||||
'identity_uri' => identity_uri,
|
should contain_swift_container_sync_realms_config('realm1/key').with_value(realm1_key)
|
||||||
)
|
should contain_swift_container_sync_realms_config('realm1/cluster_name1').with_value("#{swift_public_protocol}://#{swift_public_address}:8080/v1")
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should contain swift backups section in rsync conf' do
|
|
||||||
should contain rsync__server__module('swift_backups').with(
|
|
||||||
'path' => '/etc/swift/backups',
|
|
||||||
'lock_file' => '/var/lock/swift_backups.lock',
|
|
||||||
'uid' => 'swift',
|
|
||||||
'gid' => 'swift',
|
|
||||||
'incoming_chmod' => false,
|
|
||||||
'outgoing_chmod' => false,
|
|
||||||
'max_connections' => '5',
|
|
||||||
'read_only' => true,
|
|
||||||
)
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue