Fix for all possible storage cases

* Enable swift only if images and objects ceph are disabled
 * Set S3 endpoint using radosgw task

Change-Id: I8611669217827ccc8aad64b89557783470b3d0b3
Closes-Bug: #1604879
Closes-Bug: #1590700
(cherry picked from commit f1dd09eef8)
This commit is contained in:
Rodion Tikunov 2016-09-28 13:21:21 +03:00
parent 8f51f0fce6
commit 6c87246952
6 changed files with 128 additions and 107 deletions

View File

@ -21,6 +21,10 @@ if $storage_hash['objects_ceph'] {
$internal_url = "${internal_protocol}://${internal_address}:8080/swift/v1"
$admin_url = "${admin_protocol}://${admin_address}:8080/swift/v1"
$public_url_s3 = "${public_protocol}://${public_address}:8080"
$internal_url_s3 = "${internal_protocol}://${internal_address}:8080"
$admin_url_s3 = "${admin_protocol}://${admin_address}:8080"
class {'::osnailyfacter::wait_for_keystone_backends': }
keystone::resource::service_identity { 'radosgw':
@ -33,6 +37,18 @@ if $storage_hash['objects_ceph'] {
public_url => $public_url,
admin_url => $admin_url,
internal_url => $internal_url,
}->
keystone::resource::service_identity { 'radosgw_s3':
configure_user => false,
configure_user_role => false,
service_type => 's3',
service_description => 'Openstack Object-Store Service',
service_name => 'swift_s3',
region => $region,
public_url => $public_url_s3,
admin_url => $admin_url_s3,
internal_url => $internal_url_s3,
}
Class['::osnailyfacter::wait_for_keystone_backends'] -> Keystone::Resource::Service_Identity['radosgw']

View File

@ -54,6 +54,7 @@
groups: [primary-controller]
required_for: [deploy_end, controller_remaining_tasks]
requires: [apache, ceph-mon, primary-ceph-mon]
condition: "settings:storage.objects_ceph.value == true"
parameters:
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/ceph/radosgw.pp
puppet_modules: /etc/puppet/modules
@ -71,6 +72,7 @@
- name: primary-ceph-radosgw
required_for: [deploy_end, controller_remaining_tasks]
requires: [apache, ceph-mon, primary-ceph-mon]
condition: "settings:storage.objects_ceph.value == true"
parameters:
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/ceph/radosgw.pp
puppet_modules: /etc/puppet/modules
@ -86,6 +88,7 @@
groups: [primary-controller]
required_for: [primary-ceph-radosgw, ceph-radosgw]
requires: [primary-keystone, keystone]
condition: "settings:storage.objects_ceph.value == true"
cross-depends:
- name: keystone
parameters:

View File

@ -11,7 +11,7 @@ $ironic_hash = hiera_hash('ironic', {})
$external_lb = hiera('external_lb', false)
if !$external_lb {
if !($storage_hash['images_ceph'] and $storage_hash['objects_ceph']) and !$storage_hash['images_vcenter'] {
if (!$storage_hash['images_ceph'] and !$storage_hash['objects_ceph'] and !$storage_hash['images_vcenter']) {
$use_swift = true
} else {
$use_swift = false

View File

@ -16,7 +16,7 @@ $ironic_hash = hiera_hash('ironic', {})
$external_lb = hiera('external_lb', false)
if !($storage_hash['images_ceph'] and $storage_hash['objects_ceph']) and !$storage_hash['images_vcenter'] {
if (!$storage_hash['images_ceph'] and !$storage_hash['objects_ceph'] and !$storage_hash['images_vcenter']) {
$use_swift = true
} else {
$use_swift = false

View File

@ -51,122 +51,120 @@ $swift_internal_protocol = get_ssl_property($ssl_hash, {}, 'swift', 'internal
$swift_internal_address = get_ssl_property($ssl_hash, {}, 'swift', 'internal', 'hostname', [$swift_api_ipaddr, $management_vip])
# Use Swift if it isn't replaced by vCenter, Ceph for BOTH images and objects
if !($storage_hash['images_ceph'] and $storage_hash['objects_ceph']) and !$storage_hash['images_vcenter'] {
$master_swift_proxy_nodes = get_nodes_hash_by_roles($network_metadata, [$swift_master_role])
$master_swift_proxy_nodes_list = values($master_swift_proxy_nodes)
$master_swift_proxy_ip = regsubst($master_swift_proxy_nodes_list[0]['network_roles']['swift/api'], '\/\d+$', '')
$master_swift_replication_ip = regsubst($master_swift_proxy_nodes_list[0]['network_roles']['swift/replication'], '\/\d+$', '')
$swift_partition = hiera('swift_partition', '/var/lib/glance/node')
$master_swift_proxy_nodes = get_nodes_hash_by_roles($network_metadata, [$swift_master_role])
$master_swift_proxy_nodes_list = values($master_swift_proxy_nodes)
$master_swift_proxy_ip = regsubst($master_swift_proxy_nodes_list[0]['network_roles']['swift/api'], '\/\d+$', '')
$master_swift_replication_ip = regsubst($master_swift_proxy_nodes_list[0]['network_roles']['swift/replication'], '\/\d+$', '')
$swift_partition = hiera('swift_partition', '/var/lib/glance/node')
if ($deploy_swift_storage){
if !defined(File['/var/lib/glance']) {
file {'/var/lib/glance':
ensure => 'directory',
group => 'swift',
require => Package['swift'],
} -> Service <| tag == 'swift-service' |>
} else {
File['/var/lib/glance'] {
ensure => 'directory',
group => 'swift',
require +> Package['swift'],
}
File['/var/lib/glance'] -> Service <| tag == 'swift-service' |>
}
class { 'openstack::swift::storage_node':
storage_type => false,
loopback_size => '5243780',
storage_mnt_base_dir => $swift_partition,
storage_devices => filter_hash($mp_hash,'point'),
swift_zone => $master_swift_proxy_nodes_list[0]['swift_zone'],
swift_local_net_ip => $swift_storage_ipaddr,
master_swift_proxy_ip => $master_swift_proxy_ip,
master_swift_replication_ip => $master_swift_replication_ip,
sync_rings => ! $is_primary_swift_proxy,
debug => $debug,
verbose => $verbose,
log_facility => 'LOG_SYSLOG',
if ($deploy_swift_storage){
if !defined(File['/var/lib/glance']) {
file {'/var/lib/glance':
ensure => 'directory',
group => 'swift',
require => Package['swift'],
} -> Service <| tag == 'swift-service' |>
} else {
File['/var/lib/glance'] {
ensure => 'directory',
group => 'swift',
require +> Package['swift'],
}
File['/var/lib/glance'] -> Service <| tag == 'swift-service' |>
}
if $is_primary_swift_proxy {
ring_devices {'all':
storages => $swift_nodes,
require => Class['swift'],
}
class { 'openstack::swift::storage_node':
storage_type => false,
loopback_size => '5243780',
storage_mnt_base_dir => $swift_partition,
storage_devices => filter_hash($mp_hash,'point'),
swift_zone => $master_swift_proxy_nodes_list[0]['swift_zone'],
swift_local_net_ip => $swift_storage_ipaddr,
master_swift_proxy_ip => $master_swift_proxy_ip,
master_swift_replication_ip => $master_swift_replication_ip,
sync_rings => ! $is_primary_swift_proxy,
debug => $debug,
verbose => $verbose,
log_facility => 'LOG_SYSLOG',
}
}
if $is_primary_swift_proxy {
ring_devices {'all':
storages => $swift_nodes,
require => Class['swift'],
}
}
if $deploy_swift_proxy {
class { 'openstack::swift::proxy':
swift_user_password => $swift_hash['user_password'],
swift_operator_roles => $swift_operator_roles,
swift_proxies_cache => $memcaches_addr_list,
ring_part_power => $ring_part_power,
primary_proxy => $is_primary_swift_proxy,
swift_proxy_local_ipaddr => $swift_api_ipaddr,
swift_replication_local_ipaddr => $swift_storage_ipaddr,
master_swift_proxy_ip => $master_swift_proxy_ip,
master_swift_replication_ip => $master_swift_replication_ip,
proxy_port => $proxy_port,
proxy_workers => $service_workers,
debug => $debug,
verbose => $verbose,
log_facility => 'LOG_SYSLOG',
ceilometer => hiera('use_ceilometer',false),
ring_min_part_hours => $ring_min_part_hours,
admin_user => $keystone_user,
admin_tenant_name => $keystone_tenant,
admin_password => $keystone_password,
auth_host => $internal_auth_address,
auth_protocol => $internal_auth_protocol,
auth_uri => $auth_uri,
identity_uri => $identity_uri,
rabbit_user => $rabbit_hash['user'],
rabbit_password => $rabbit_hash['password'],
rabbit_hosts => split($rabbit_hosts, ', '),
}
if $deploy_swift_proxy {
class { 'openstack::swift::proxy':
swift_user_password => $swift_hash['user_password'],
swift_operator_roles => $swift_operator_roles,
swift_proxies_cache => $memcaches_addr_list,
ring_part_power => $ring_part_power,
primary_proxy => $is_primary_swift_proxy,
swift_proxy_local_ipaddr => $swift_api_ipaddr,
swift_replication_local_ipaddr => $swift_storage_ipaddr,
master_swift_proxy_ip => $master_swift_proxy_ip,
master_swift_replication_ip => $master_swift_replication_ip,
proxy_port => $proxy_port,
proxy_workers => $service_workers,
debug => $debug,
verbose => $verbose,
log_facility => 'LOG_SYSLOG',
ceilometer => hiera('use_ceilometer',false),
ring_min_part_hours => $ring_min_part_hours,
admin_user => $keystone_user,
admin_tenant_name => $keystone_tenant,
admin_password => $keystone_password,
auth_host => $internal_auth_address,
auth_protocol => $internal_auth_protocol,
auth_uri => $auth_uri,
identity_uri => $identity_uri,
rabbit_user => $rabbit_hash['user'],
rabbit_password => $rabbit_hash['password'],
rabbit_hosts => split($rabbit_hosts, ', '),
# Check swift proxy and internal VIP are from the same IP network. If no
# then it's possible to get network failure, so proxy couldn't access
# Keystone via VIP. In such cases swift health check returns OK, but all
# requests forwarded from HAproxy fail, see LP#1459772 In order to detect
# such bad swift backends we enable a service which checks Keystone
# availability from swift node. HAProxy monitors that service to get
# proper backend status.
# NOTE: this is the same logic in the HAproxy configuration so if it's
# updated there, this must be updated. See LP#1548275
$swift_api_network = get_network_role_property('swift/api', 'network')
$bind_to_one = has_ip_in_network($management_vip, $swift_api_network)
if !$bind_to_one {
$storage_nets = get_routable_networks_for_network_role($network_scheme, 'swift/replication', ' ')
$mgmt_nets = get_routable_networks_for_network_role($network_scheme, 'swift/api', ' ')
class { 'openstack::swift::status':
endpoint => "${swift_internal_protocol}://${swift_internal_address}:${proxy_port}",
scan_target => "${internal_auth_address}:5000",
only_from => "127.0.0.1 240.0.0.2 ${storage_nets} ${mgmt_nets}",
con_timeout => 5
}
# Check swift proxy and internal VIP are from the same IP network. If no
# then it's possible to get network failure, so proxy couldn't access
# Keystone via VIP. In such cases swift health check returns OK, but all
# requests forwarded from HAproxy fail, see LP#1459772 In order to detect
# such bad swift backends we enable a service which checks Keystone
# availability from swift node. HAProxy monitors that service to get
# proper backend status.
# NOTE: this is the same logic in the HAproxy configuration so if it's
# updated there, this must be updated. See LP#1548275
$swift_api_network = get_network_role_property('swift/api', 'network')
$bind_to_one = has_ip_in_network($management_vip, $swift_api_network)
Class['openstack::swift::status'] -> Class['swift::dispersion']
}
if !$bind_to_one {
$storage_nets = get_routable_networks_for_network_role($network_scheme, 'swift/replication', ' ')
$mgmt_nets = get_routable_networks_for_network_role($network_scheme, 'swift/api', ' ')
class { 'swift::dispersion':
auth_url => "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0/",
auth_user => $keystone_user,
auth_tenant => $keystone_tenant,
auth_pass => $keystone_password,
auth_version => '2.0',
}
class { 'openstack::swift::status':
endpoint => "${swift_internal_protocol}://${swift_internal_address}:${proxy_port}",
scan_target => "${internal_auth_address}:5000",
only_from => "127.0.0.1 240.0.0.2 ${storage_nets} ${mgmt_nets}",
con_timeout => 5
}
Class['openstack::swift::proxy'] -> Class['swift::dispersion']
Service<| tag == 'swift-service' |> -> Class['swift::dispersion']
Class['openstack::swift::status'] -> Class['swift::dispersion']
}
class { 'swift::dispersion':
auth_url => "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0/",
auth_user => $keystone_user,
auth_tenant => $keystone_tenant,
auth_pass => $keystone_password,
auth_version => '2.0',
}
Class['openstack::swift::proxy'] -> Class['swift::dispersion']
Service<| tag == 'swift-service' |> -> Class['swift::dispersion']
if defined(Class['openstack::swift::storage_node']) {
Class['openstack::swift::storage_node'] -> Class['swift::dispersion']
}
if defined(Class['openstack::swift::storage_node']) {
Class['openstack::swift::storage_node'] -> Class['swift::dispersion']
}
}

View File

@ -4,6 +4,7 @@
groups: [controller]
required_for: [deploy_end, controller_remaining_tasks]
requires: [openstack-controller]
condition: "settings:storage.objects_ceph.value == false and settings:storage.images_ceph.value == false and settings:storage.images_vcenter.value == false"
cross-depends:
- name: primary-swift
parameters:
@ -21,6 +22,7 @@
groups: [primary-controller]
required_for: [deploy_end, controller_remaining_tasks]
requires: [openstack-controller]
condition: "settings:storage.objects_ceph.value == false and settings:storage.images_ceph.value == false and settings:storage.images_vcenter.value == false"
cross-depends:
- name: /(primary-)?rabbitmq/
- name: swift-keystone
@ -40,6 +42,7 @@
groups: [primary-controller, controller]
required_for: [deploy_end]
requires: [primary-swift, swift]
condition: "settings:storage.objects_ceph.value == false and settings:storage.images_ceph.value == false and settings:storage.images_vcenter.value == false"
cross-depends:
- name: /(primary-)?swift/
role: self
@ -57,6 +60,7 @@
version: 2.0.0
groups: [primary-controller]
required_for: [primary-swift]
condition: "settings:storage.objects_ceph.value == false and settings:storage.images_ceph.value == false and settings:storage.images_vcenter.value == false"
cross-depends:
- name: keystone
requires: [primary-keystone, keystone]