Refactor openstack_tasks::swift

cherry picked from commit 52716670dc
Change-Id: I7ff5778367a30b00975ba41069dd6e11332a5c38
Related-bug: 1582646
This commit is contained in:
Dmitry Ilyin 2016-05-19 13:50:28 +03:00 committed by Ivan Berezovskiy
parent e41c957b9e
commit 765af856b6
7 changed files with 461 additions and 460 deletions

View File

@ -0,0 +1,12 @@
# create dirs for devices
define openstack_tasks::swift::parts::device_directory($devices) {
if (!defined(File[$devices])) {
file { $devices:
ensure => 'directory',
owner => 'swift',
group => 'swift',
recurse => true,
recurselimit => 1,
}
}
}

View File

@ -0,0 +1,227 @@
class openstack_tasks::swift::parts::proxy (
$swift_user_password = 'swift_pass',
$swift_hash_suffix = 'swift_secret',
$swift_max_header_size = '32768',
$swift_proxy_local_ipaddr = $::ipaddress_eth0,
$swift_replication_local_ipaddr = $::ipaddress_eth0,
$ring_part_power = 18,
$ring_replicas = 3,
$ring_min_part_hours = 1,
$proxy_pipeline = [
'catch_errors',
'crossdomain',
'healthcheck',
'cache',
'bulk',
'tempurl',
'ratelimit',
'formpost',
'swift3',
's3token',
'authtoken',
'keystone',
'staticweb',
'container_quotas',
'account_quotas',
'slo',
'proxy-server'],
$proxy_workers = $::processorcount,
$proxy_port = '8080',
$proxy_allow_account_management = true,
$proxy_account_autocreate = true,
$ratelimit_clock_accuracy = 1000,
$ratelimit_max_sleep_time_seconds = 60,
$ratelimit_log_sleep_time_seconds = 0,
$ratelimit_rate_buffer_seconds = 5,
$ratelimit_account_ratelimit = 0,
$package_ensure = 'present',
$swift_proxies_cache = ['127.0.0.1'],
$cache_server_port = '11211',
$primary_proxy = false,
$swift_devices = undef,
$master_swift_proxy_ip = undef,
$master_swift_replication_ip = undef,
$collect_exported = false,
$rings = ['account', 'object', 'container'],
$debug = false,
$verbose = true,
$log_facility = 'LOG_LOCAL1',
$ceilometer = false,
$admin_user = 'swift',
$admin_tenant_name = 'services',
$admin_password = 'password',
$auth_host = '10.0.0.1',
$auth_protocol = 'http',
$auth_uri = 'http://127.0.0.1:5000',
$identity_uri = 'http://127.0.0.1:35357',
$swift_operator_roles = ['admin', 'SwiftOperator'],
$rabbit_user = 'guest',
$rabbit_password = 'password',
$rabbit_hosts = '127.0.0.1:5672',
) {
if !defined(Class['swift']) {
class { 'swift':
swift_hash_suffix => $swift_hash_suffix,
package_ensure => $package_ensure,
max_header_size => $swift_max_header_size,
}
}
if !defined(Class['rsync::server']) {
class { '::rsync::server':
use_xinetd => true,
address => $local_net_ip,
use_chroot => 'no',
}
}
# calculate log_level
if $debug {
$log_level = 'DEBUG'
}
elsif $verbose {
$log_level = 'INFO'
}
else {
$log_level = 'WARNING'
}
if $ceilometer {
$new_proxy_pipeline = split(
inline_template(
"<%=
@proxy_pipeline.insert(-2, 'ceilometer').join(',')
%>"), ',')
class { '::swift::proxy::ceilometer':
rabbit_user => $rabbit_user,
rabbit_password => $rabbit_password,
rabbit_hosts => $rabbit_hosts,
}
}
else {
$new_proxy_pipeline = $proxy_pipeline
}
class { '::swift::proxy':
proxy_local_net_ip => $swift_proxy_local_ipaddr,
pipeline => $new_proxy_pipeline,
port => $proxy_port,
workers => $proxy_workers,
allow_account_management => $proxy_allow_account_management,
account_autocreate => $proxy_account_autocreate,
package_ensure => $package_ensure,
log_facility => $log_facility,
log_level => $log_level,
log_name => 'swift-proxy-server',
}
# configure all of the middlewares
class { ['::swift::proxy::catch_errors', '::swift::proxy::crossdomain', '::swift::proxy::healthcheck',
'::swift::proxy::bulk', '::swift::proxy::tempurl', '::swift::proxy::formpost', '::swift::proxy::swift3',
'::swift::proxy::staticweb', '::swift::proxy::container_quotas', '::swift::proxy::account_quotas',
'::swift::proxy::slo',]:
}
$cache_addresses = join(suffix($swift_proxies_cache, ":${cache_server_port}"), ',')
class { '::swift::proxy::cache': memcache_servers => split($cache_addresses, ',') }
class { '::swift::proxy::ratelimit':
clock_accuracy => $ratelimit_clock_accuracy,
max_sleep_time_seconds => $ratelimit_max_sleep_time_seconds,
log_sleep_time_seconds => $ratelimit_log_sleep_time_seconds,
rate_buffer_seconds => $ratelimit_rate_buffer_seconds,
account_ratelimit => $ratelimit_account_ratelimit,
}
class { '::swift::proxy::s3token':
auth_host => $auth_host,
auth_port => '35357',
auth_protocol => $auth_protocol,
}
class { '::swift::proxy::keystone':
operator_roles => $swift_operator_roles,
}
class { '::swift::proxy::authtoken':
admin_user => $admin_user,
admin_tenant_name => $admin_tenant_name,
admin_password => $admin_password,
auth_uri => $auth_uri,
identity_uri => $identity_uri,
}
if $primary_proxy {
# we need to exec swift ringrebuilder commands under swift user
Exec { user => 'swift' }
# Exit codes should be equal to 0 and 1 (bug #1402701)
Exec <| title == "rebalance_account" or title == "rebalance_container" or title == "rebalance_object" |> { returns => [0,1] }
# collect all of the resources that are needed
# to balance the ring
if $collect_exported {
Ring_object_device <<| tag == "${::deployment_id}::${::environment}" |>>
Ring_container_device <<| tag == "${::deployment_id}::${::environment}" |>>
Ring_account_device <<| tag == "${::deployment_id}::${::environment}" |>>
}
# create the ring
class { 'swift::ringbuilder':
# the part power should be determined by assuming 100 partitions per drive
part_power => $ring_part_power,
replicas => $ring_replicas,
min_part_hours => $ring_min_part_hours,
require => Class['swift'],
before => [Class['::swift::proxy']],
}
# sets up an rsync db that can be used to sync the ring DB
class { 'swift::ringserver':
local_net_ip => $swift_replication_local_ipaddr,
}
rsync::server::module { 'swift_backups':
path => '/etc/swift/backups',
lock_file => '/var/lock/swift_backups.lock',
uid => 'swift',
gid => 'swift',
incoming_chmod => false,
outgoing_chmod => false,
max_connections => '5',
read_only => true,
}
# resource ordering
Swift::Ringbuilder::Rebalance <||> -> Service['swift-proxy-server']
Swift::Ringbuilder::Rebalance <||> -> Swift::Storage::Generic <| |>
Swift::Ringbuilder::Create<||> ->
Ring_devices<||> ~>
Swift::Ringbuilder::Rebalance <||>
} else {
validate_string($master_swift_replication_ip)
if member($rings, 'account') and ! defined(Swift::Ringsync['account']) {
swift::ringsync { 'account': ring_server => $master_swift_replication_ip }
}
if member($rings, 'object') and ! defined(Swift::Ringsync['object']) {
swift::ringsync { 'object': ring_server => $master_swift_replication_ip }
}
if member($rings, 'container') and ! defined(Swift::Ringsync['container']) {
swift::ringsync { 'container': ring_server => $master_swift_replication_ip }
}
rsync::get { "/etc/swift/backups/":
source => "rsync://${master_swift_replication_ip}/swift_backups/",
recursive => true,
}
anchor { 'openstack_tasks_proxy_start' :} ->
Swift::Ringsync <| |> ~>
Service['swift-proxy-server'] ->
anchor { 'openstack_tasks_proxy_end' :}
}
}

View File

@ -0,0 +1,54 @@
class openstack_tasks::swift::parts::rebalance_cronjob(
$master_swift_replication_ip,
$primary_proxy = false,
$rings = ['account', 'object', 'container'],
$ring_rebalance_period = 23,
) {
# setup a cronjob to rebalance rings periodically on primary
file { '/usr/local/bin/swift-rings-rebalance.sh':
ensure => $primary_proxy ? {
true => file,
default => absent,
},
mode => '0755',
owner => 'root',
group => 'root',
content => template('openstack/swift/swift-rings-rebalance.sh.erb'),
}
cron { 'swift-rings-rebalance':
ensure => $primary_proxy ? {
true => present,
default => absent,
},
command => '/usr/local/bin/swift-rings-rebalance.sh &>/dev/null',
user => 'swift',
hour => "*/$ring_rebalance_period",
minute => '15',
}
# setup a cronjob to download rings periodically on secondaries
file { '/usr/local/bin/swift-rings-sync.sh':
ensure => $primary_proxy ? {
true => absent,
default => file,
},
mode => '0755',
owner => 'root',
group => 'root',
content => template('openstack/swift/swift-rings-sync.sh.erb'),
}
cron { 'swift-rings-sync':
ensure => $primary_proxy ? {
true => absent,
default => present,
},
command => '/usr/local/bin/swift-rings-sync.sh &>/dev/null',
user => 'swift',
hour => "*/$ring_rebalance_period",
minute => '25',
}
}

View File

@ -0,0 +1,40 @@
class openstack_tasks::swift::parts::status (
$address = '0.0.0.0',
$only_from = '127.0.0.1',
$port = '49001',
$endpoint = 'http://127.0.0.1:8080',
$scan_target = '127.0.0.1:5000',
$con_timeout = '5',
) {
augeas { 'swiftcheck':
context => '/files/etc/services',
changes => [
"set /files/etc/services/service-name[port = '${port}']/port ${port}",
"set /files/etc/services/service-name[port = '${port}'] swiftcheck",
"set /files/etc/services/service-name[port = '${port}']/protocol tcp",
"set /files/etc/services/service-name[port = '${port}']/#comment 'Swift Health Check'",
],
}
$group = $::osfamily ? {
'RedHat' => 'nobody',
'Debian' => 'nogroup',
default => 'nobody',
}
include xinetd
xinetd::service { 'swiftcheck':
bind => $address,
port => $port,
only_from => $only_from,
cps => '512 10',
per_source => 'UNLIMITED',
server => '/usr/bin/swiftcheck',
server_args => "${endpoint} ${scan_target} ${con_timeout}",
user => 'nobody',
group => $group,
flags => 'IPv4',
require => Augeas['swiftcheck'],
}
}

View File

@ -0,0 +1,120 @@
class openstack_tasks::swift::parts::storage_node (
$swift_zone,
$swift_hash_suffix = 'swift_secret',
$swift_max_header_size = '32768',
$swift_local_net_ip = $::ipaddress_eth0,
$storage_type = 'loopback',
$storage_base_dir = '/srv/loopback-device',
$storage_mnt_base_dir = '/srv/node',
$storage_devices = [
'1',
'2'],
$storage_weight = 1,
$package_ensure = 'present',
$loopback_size = '1048756',
$master_swift_proxy_ip,
$master_swift_replication_ip,
$rings = [
'account',
'object',
'container'],
$sync_rings = true,
$incoming_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r',
$outgoing_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r',
# if the cinder management components should be installed
$cinder = true,
$manage_volumes = false,
$nv_physical_volume = undef,
$cinder_volume_group = 'cinder-volumes',
$cinder_user_password = 'cinder_user_pass',
$cinder_db_password = 'cinder_db_pass',
$cinder_db_user = 'cinder',
$cinder_db_dbname = 'cinder',
$cinder_iscsi_bind_addr = false,
$cinder_rate_limits = false,
$db_host = '127.0.0.1',
$service_endpoint = '127.0.0.1',
$use_syslog = false,
$syslog_log_facility_cinder = 'LOG_LOCAL3',
$debug = false,
$verbose = true,
# Rabbit details necessary for cinder
$rabbit_nodes = false,
$rabbit_password = 'rabbit_pw',
$rabbit_host = false,
$rabbit_user = 'nova',
$rabbit_ha_virtual_ip = false,
$queue_provider = 'rabbitmq',
$qpid_password = 'qpid_pw',
$qpid_user = 'nova',
$qpid_nodes = ['127.0.0.1'],
$log_facility = 'LOG_LOCAL2',
) {
if !defined(Class['swift']) {
class { 'swift':
swift_hash_suffix => $swift_hash_suffix,
package_ensure => $package_ensure,
max_header_size => $swift_max_header_size,
}
}
if $storage_type == 'loopback' {
# create xfs partitions on a loopback device and mount them
swift::storage::loopback { $storage_devices:
base_dir => $storage_base_dir,
mnt_base_dir => $storage_mnt_base_dir,
seek => $loopback_size,
require => Class['swift'],
}
}
if $storage_devices != undef {
anchor {'swift-device-directories-start': } ->
openstack_tasks::swift::parts::device_directory { $storage_devices:
devices => $storage_mnt_base_dir,
}
}
# install all swift storage servers together
class { 'swift::storage::all':
storage_local_net_ip => $swift_local_net_ip,
devices => $storage_mnt_base_dir,
log_facility => $log_facility,
# We use directory for swift
mount_check => false,
}
# override log_name defaults for Swift::Storage::Server
# TODO (adidenko) move this into Hiera when it's ready
Swift::Storage::Server <| title == '6000' |> {
log_name => 'swift-object-server',
}
Swift::Storage::Server <| title == '6001' |> {
log_name => 'swift-container-server',
allow_versions => true,
}
Swift::Storage::Server <| title == '6002' |> {
log_name => 'swift-account-server',
}
Swift::Storage::Server <| |> {
incoming_chmod => $incoming_chmod,
outgoing_chmod => $outgoing_chmod,
}
validate_string($master_swift_replication_ip)
if $sync_rings {
if member($rings, 'account') and !defined(Swift::Ringsync['account']) {
swift::ringsync { 'account': ring_server => $master_swift_replication_ip }
}
if member($rings, 'object') and !defined(Swift::Ringsync['object']) {
swift::ringsync { 'object': ring_server => $master_swift_replication_ip }
}
if member($rings, 'container') and !defined(Swift::Ringsync['container']) {
swift::ringsync { 'container': ring_server => $master_swift_replication_ip }
}
Swift::Ringsync <| |> ~> Class["swift::storage::all"]
}
}

View File

@ -29,8 +29,7 @@ class openstack_tasks::swift::proxy_storage {
$keystone_password = pick($swift_hash['user_password'], 'passsword')
$keystone_tenant = pick($swift_hash['tenant'], 'services')
$workers_max = hiera('workers_max', 16)
$service_workers = pick($swift_hash['workers'],
min(max($::processorcount, 2), $workers_max))
$service_workers = pick($swift_hash['workers'], min(max($::processorcount, 2), $workers_max))
$ssl_hash = hiera_hash('use_ssl', {})
$rabbit_hash = hiera_hash('rabbit')
$rabbit_hosts = hiera('amqp_hosts')
@ -73,7 +72,7 @@ class openstack_tasks::swift::proxy_storage {
}
if $deploy_swift_proxy {
class { 'openstack::swift::proxy':
class { 'openstack_tasks::swift::parts::proxy':
swift_user_password => $swift_hash['user_password'],
swift_operator_roles => $swift_operator_roles,
swift_proxies_cache => $memcaches_addr_list,
@ -120,14 +119,14 @@ class openstack_tasks::swift::proxy_storage {
$storage_nets = get_routable_networks_for_network_role($network_scheme, 'swift/replication', ' ')
$mgmt_nets = get_routable_networks_for_network_role($network_scheme, 'swift/api', ' ')
class { 'openstack::swift::status':
class { 'openstack_tasks::swift::parts::status':
endpoint => "${swift_internal_protocol}://${swift_internal_address}:${proxy_port}",
scan_target => "${internal_auth_address}:5000",
only_from => "127.0.0.1 240.0.0.2 ${storage_nets} ${mgmt_nets}",
con_timeout => 5
}
Class['openstack::swift::status'] -> Class['swift::dispersion']
Class['openstack_tasks::swift::parts::status'] -> Class['swift::dispersion']
}
class { 'swift::dispersion':
@ -138,11 +137,11 @@ class openstack_tasks::swift::proxy_storage {
auth_version => '2.0',
}
Class['openstack::swift::proxy'] -> Class['swift::dispersion']
Class['openstack_tasks::swift::parts::proxy'] -> Class['swift::dispersion']
Service<| tag == 'swift-service' |> -> Class['swift::dispersion']
}
if ($deploy_swift_storage){
if $deploy_swift_storage {
if !defined(File['/var/lib/glance']) {
file {'/var/lib/glance':
ensure => 'directory',
@ -158,7 +157,7 @@ class openstack_tasks::swift::proxy_storage {
File['/var/lib/glance'] -> Service <| tag == 'swift-service' |>
}
class { 'openstack::swift::storage_node':
class { 'openstack_tasks::swift::parts::storage_node':
storage_type => false,
loopback_size => '5243780',
storage_mnt_base_dir => $swift_partition,
@ -173,405 +172,6 @@ class openstack_tasks::swift::proxy_storage {
log_facility => 'LOG_SYSLOG',
}
}
}
# FIXME(bogdando) requires decomposition and unit tests
class openstack::swift::status (
$address = '0.0.0.0',
$only_from = '127.0.0.1',
$port = '49001',
$endpoint = 'http://127.0.0.1:8080',
$scan_target = '127.0.0.1:5000',
$con_timeout = '5',
) {
augeas { 'swiftcheck':
context => '/files/etc/services',
changes => [
"set /files/etc/services/service-name[port = '${port}']/port ${port}",
"set /files/etc/services/service-name[port = '${port}'] swiftcheck",
"set /files/etc/services/service-name[port = '${port}']/protocol tcp",
"set /files/etc/services/service-name[port = '${port}']/#comment 'Swift Health Check'",
],
}
$group = $::osfamily ? {
'RedHat' => 'nobody',
'Debian' => 'nogroup',
default => 'nobody',
}
include xinetd
xinetd::service { 'swiftcheck':
bind => $address,
port => $port,
only_from => $only_from,
cps => '512 10',
per_source => 'UNLIMITED',
server => '/usr/bin/swiftcheck',
server_args => "${endpoint} ${scan_target} ${con_timeout}",
user => 'nobody',
group => $group,
flags => 'IPv4',
require => Augeas['swiftcheck'],
}
}
class openstack::swift::proxy (
$swift_user_password = 'swift_pass',
$swift_hash_suffix = 'swift_secret',
$swift_max_header_size = '32768',
$swift_proxy_local_ipaddr = $::ipaddress_eth0,
$swift_replication_local_ipaddr = $::ipaddress_eth0,
$ring_part_power = 18,
$ring_replicas = 3,
$ring_min_part_hours = 1,
$proxy_pipeline = [
'catch_errors',
'crossdomain',
'healthcheck',
'cache',
'bulk',
'tempurl',
'ratelimit',
'formpost',
'swift3',
's3token',
'authtoken',
'keystone',
'staticweb',
'container_quotas',
'account_quotas',
'slo',
'proxy-server'],
$proxy_workers = $::processorcount,
$proxy_port = '8080',
$proxy_allow_account_management = true,
$proxy_account_autocreate = true,
$ratelimit_clock_accuracy = 1000,
$ratelimit_max_sleep_time_seconds = 60,
$ratelimit_log_sleep_time_seconds = 0,
$ratelimit_rate_buffer_seconds = 5,
$ratelimit_account_ratelimit = 0,
$package_ensure = 'present',
$swift_proxies_cache = ['127.0.0.1'],
$cache_server_port = '11211',
$primary_proxy = false,
$swift_devices = undef,
$master_swift_proxy_ip = undef,
$master_swift_replication_ip = undef,
$collect_exported = false,
$rings = ['account', 'object', 'container'],
$debug = false,
$verbose = true,
$log_facility = 'LOG_LOCAL1',
$ceilometer = false,
$admin_user = 'swift',
$admin_tenant_name = 'services',
$admin_password = 'password',
$auth_host = '10.0.0.1',
$auth_protocol = 'http',
$auth_uri = 'http://127.0.0.1:5000',
$identity_uri = 'http://127.0.0.1:35357',
$swift_operator_roles = ['admin', 'SwiftOperator'],
$rabbit_user = 'guest',
$rabbit_password = 'password',
$rabbit_hosts = '127.0.0.1:5672',
) {
if !defined(Class['swift']) {
class { 'swift':
swift_hash_suffix => $swift_hash_suffix,
package_ensure => $package_ensure,
max_header_size => $swift_max_header_size,
}
}
if !defined(Class['rsync::server']) {
class { '::rsync::server':
use_xinetd => true,
address => $local_net_ip,
use_chroot => 'no',
}
}
# calculate log_level
if $debug {
$log_level = 'DEBUG'
}
elsif $verbose {
$log_level = 'INFO'
}
else {
$log_level = 'WARNING'
}
if $ceilometer {
$new_proxy_pipeline = split(
inline_template(
"<%=
@proxy_pipeline.insert(-2, 'ceilometer').join(',')
%>"), ',')
class { '::swift::proxy::ceilometer':
rabbit_user => $rabbit_user,
rabbit_password => $rabbit_password,
rabbit_hosts => $rabbit_hosts,
}
}
else {
$new_proxy_pipeline = $proxy_pipeline
}
class { '::swift::proxy':
proxy_local_net_ip => $swift_proxy_local_ipaddr,
pipeline => $new_proxy_pipeline,
port => $proxy_port,
workers => $proxy_workers,
allow_account_management => $proxy_allow_account_management,
account_autocreate => $proxy_account_autocreate,
package_ensure => $package_ensure,
log_facility => $log_facility,
log_level => $log_level,
log_name => 'swift-proxy-server',
}
# configure all of the middlewares
class { ['::swift::proxy::catch_errors', '::swift::proxy::crossdomain', '::swift::proxy::healthcheck',
'::swift::proxy::bulk', '::swift::proxy::tempurl', '::swift::proxy::formpost', '::swift::proxy::swift3',
'::swift::proxy::staticweb', '::swift::proxy::container_quotas', '::swift::proxy::account_quotas',
'::swift::proxy::slo',]:
}
$cache_addresses = join(suffix($swift_proxies_cache, ":${cache_server_port}"), ',')
class { '::swift::proxy::cache': memcache_servers => split($cache_addresses, ',') }
class { '::swift::proxy::ratelimit':
clock_accuracy => $ratelimit_clock_accuracy,
max_sleep_time_seconds => $ratelimit_max_sleep_time_seconds,
log_sleep_time_seconds => $ratelimit_log_sleep_time_seconds,
rate_buffer_seconds => $ratelimit_rate_buffer_seconds,
account_ratelimit => $ratelimit_account_ratelimit,
}
class { '::swift::proxy::s3token':
auth_host => $auth_host,
auth_port => '35357',
auth_protocol => $auth_protocol,
}
class { '::swift::proxy::keystone':
operator_roles => $swift_operator_roles,
}
class { '::swift::proxy::authtoken':
admin_user => $admin_user,
admin_tenant_name => $admin_tenant_name,
admin_password => $admin_password,
auth_uri => $auth_uri,
identity_uri => $identity_uri,
}
if $primary_proxy {
# we need to exec swift ringrebuilder commands under swift user
Exec { user => 'swift' }
# Exit codes should be equal to 0 and 1 (bug #1402701)
Exec <| title == "rebalance_account" or title == "rebalance_container" or title == "rebalance_object" |> { returns => [0,1] }
# collect all of the resources that are needed
# to balance the ring
if $collect_exported {
Ring_object_device <<| tag == "${::deployment_id}::${::environment}" |>>
Ring_container_device <<| tag == "${::deployment_id}::${::environment}" |>>
Ring_account_device <<| tag == "${::deployment_id}::${::environment}" |>>
}
# create the ring
class { 'swift::ringbuilder':
# the part power should be determined by assuming 100 partitions per drive
part_power => $ring_part_power,
replicas => $ring_replicas,
min_part_hours => $ring_min_part_hours,
require => Class['swift'],
before => [Class['::swift::proxy']],
}
# sets up an rsync db that can be used to sync the ring DB
class { 'swift::ringserver':
local_net_ip => $swift_replication_local_ipaddr,
}
rsync::server::module { 'swift_backups':
path => '/etc/swift/backups',
lock_file => '/var/lock/swift_backups.lock',
uid => 'swift',
gid => 'swift',
incoming_chmod => false,
outgoing_chmod => false,
max_connections => '5',
read_only => true,
}
# resource ordering
Swift::Ringbuilder::Rebalance <||> -> Service['swift-proxy-server']
Swift::Ringbuilder::Rebalance <||> -> Swift::Storage::Generic <| |>
Swift::Ringbuilder::Create<||> ->
Ring_devices<||> ~>
Swift::Ringbuilder::Rebalance <||>
} else {
validate_string($master_swift_replication_ip)
if member($rings, 'account') and ! defined(Swift::Ringsync['account']) {
swift::ringsync { 'account': ring_server => $master_swift_replication_ip }
}
if member($rings, 'object') and ! defined(Swift::Ringsync['object']) {
swift::ringsync { 'object': ring_server => $master_swift_replication_ip }
}
if member($rings, 'container') and ! defined(Swift::Ringsync['container']) {
swift::ringsync { 'container': ring_server => $master_swift_replication_ip }
}
rsync::get { "/etc/swift/backups/":
source => "rsync://${master_swift_replication_ip}/swift_backups/",
recursive => true,
}
Swift::Ringsync <| |> ~> Service['swift-proxy-server']
}
}
# FIXME(bogdando) requires decomposition and unit tests
class openstack::swift::storage_node (
$swift_zone,
$swift_hash_suffix = 'swift_secret',
$swift_max_header_size = '32768',
$swift_local_net_ip = $::ipaddress_eth0,
$storage_type = 'loopback',
$storage_base_dir = '/srv/loopback-device',
$storage_mnt_base_dir = '/srv/node',
$storage_devices = [
'1',
'2'],
$storage_weight = 1,
$package_ensure = 'present',
$loopback_size = '1048756',
$master_swift_proxy_ip,
$master_swift_replication_ip,
$rings = [
'account',
'object',
'container'],
$sync_rings = true,
$incoming_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r',
$outgoing_chmod = 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r',
# if the cinder management components should be installed
$cinder = true,
$manage_volumes = false,
$nv_physical_volume = undef,
$cinder_volume_group = 'cinder-volumes',
$cinder_user_password = 'cinder_user_pass',
$cinder_db_password = 'cinder_db_pass',
$cinder_db_user = 'cinder',
$cinder_db_dbname = 'cinder',
$cinder_iscsi_bind_addr = false,
$cinder_rate_limits = false,
$db_host = '127.0.0.1',
$service_endpoint = '127.0.0.1',
$use_syslog = false,
$syslog_log_facility_cinder = 'LOG_LOCAL3',
$debug = false,
$verbose = true,
# Rabbit details necessary for cinder
$rabbit_nodes = false,
$rabbit_password = 'rabbit_pw',
$rabbit_host = false,
$rabbit_user = 'nova',
$rabbit_ha_virtual_ip = false,
$queue_provider = 'rabbitmq',
$qpid_password = 'qpid_pw',
$qpid_user = 'nova',
$qpid_nodes = ['127.0.0.1'],
$log_facility = 'LOG_LOCAL2',
) {
if !defined(Class['swift']) {
class { 'swift':
swift_hash_suffix => $swift_hash_suffix,
package_ensure => $package_ensure,
max_header_size => $swift_max_header_size,
}
}
if $storage_type == 'loopback' {
# create xfs partitions on a loopback device and mount them
swift::storage::loopback { $storage_devices:
base_dir => $storage_base_dir,
mnt_base_dir => $storage_mnt_base_dir,
seek => $loopback_size,
require => Class['swift'],
}
}
# create dirs for devices
define device_directory($devices) {
if(!defined(File[$devices])) {
file { $devices:
ensure => 'directory',
owner => 'swift',
group => 'swift',
recurse => true,
recurselimit => 1,
}
}
}
if ($storage_devices != undef) {
anchor {'swift-device-directories-start': } ->
device_directory { $storage_devices:
devices => $storage_mnt_base_dir,
}
}
# install all swift storage servers together
class { 'swift::storage::all':
storage_local_net_ip => $swift_local_net_ip,
devices => $storage_mnt_base_dir,
log_facility => $log_facility,
# We use directory for swift
mount_check => false,
}
# override log_name defaults for Swift::Storage::Server
# TODO (adidenko) move this into Hiera when it's ready
Swift::Storage::Server <| title == '6000' |> {
log_name => 'swift-object-server',
}
Swift::Storage::Server <| title == '6001' |> {
log_name => 'swift-container-server',
allow_versions => true,
}
Swift::Storage::Server <| title == '6002' |> {
log_name => 'swift-account-server',
}
Swift::Storage::Server <| |> {
incoming_chmod => $incoming_chmod,
outgoing_chmod => $outgoing_chmod,
}
validate_string($master_swift_replication_ip)
if $sync_rings {
if member($rings, 'account') and !defined(Swift::Ringsync['account']) {
swift::ringsync { 'account': ring_server => $master_swift_replication_ip }
}
if member($rings, 'object') and !defined(Swift::Ringsync['object']) {
swift::ringsync { 'object': ring_server => $master_swift_replication_ip }
}
if member($rings, 'container') and !defined(Swift::Ringsync['container']) {
swift::ringsync { 'container': ring_server => $master_swift_replication_ip }
}
Swift::Ringsync <| |> ~> Class["swift::storage::all"]
}
}
}

View File

@ -15,63 +15,11 @@ class openstack_tasks::swift::rebalance_cronjob {
$master_swift_replication_ip = $master_swift_replication_nodes_list[0]['network_roles']['swift/replication']
# setup a cronjob to rebalance and repush rings periodically
class { 'openstack::swift::rebalance_cronjob':
class { 'openstack_tasks::swift::parts::rebalance_cronjob':
ring_rebalance_period => min($ring_min_part_hours * 2, 23),
master_swift_replication_ip => $master_swift_replication_ip,
primary_proxy => hiera('is_primary_swift_proxy'),
}
}
class openstack::swift::rebalance_cronjob(
$master_swift_replication_ip,
$primary_proxy = false,
$rings = ['account', 'object', 'container'],
$ring_rebalance_period = 23,
) {
# setup a cronjob to rebalance rings periodically on primary
file { '/usr/local/bin/swift-rings-rebalance.sh':
ensure => $primary_proxy ? {
true => file,
default => absent,
},
mode => '0755',
owner => 'root',
group => 'root',
content => template('openstack/swift/swift-rings-rebalance.sh.erb'),
}
cron { 'swift-rings-rebalance':
ensure => $primary_proxy ? {
true => present,
default => absent,
},
command => '/usr/local/bin/swift-rings-rebalance.sh &>/dev/null',
user => 'swift',
hour => "*/$ring_rebalance_period",
minute => '15',
}
# setup a cronjob to download rings periodically on secondaries
file { '/usr/local/bin/swift-rings-sync.sh':
ensure => $primary_proxy ? {
true => absent,
default => file,
},
mode => '0755',
owner => 'root',
group => 'root',
content => template('openstack/swift/swift-rings-sync.sh.erb'),
}
cron { 'swift-rings-sync':
ensure => $primary_proxy ? {
true => absent,
default => present,
},
command => '/usr/local/bin/swift-rings-sync.sh &>/dev/null',
user => 'swift',
hour => "*/$ring_rebalance_period",
minute => '25',
}
}
}