Providing required priviledges to the mounted NFS volume

Since, user ID on host and container differs, image-create with NFS backend was failing with permission error. But even after resolving permission error[1] the image was not getting created on the nfs share as the NFS endpoint is not mounted successfully on the container via puppet. This will be fixed by [2]. Now, adding two below changes in this patch, [1]. chown glance:glance /var/lib/glance. [2]. Proposing this solution to mount NFS endpoint on the host instead of mounting it on glance container, because mounting in container does not work as explained in LP Bug. Closes-Bug: 1708629 Change-Id: Ib60cb0d179e7c117dc26440746154136aa9d163e
2017-09-11 11:51:57 +05:30 · 2017-09-11 11:51:57 +05:30 · ed11f8ebcf
parent 774e41199e
commit ed11f8ebcf
1 changed files with 23 additions and 0 deletions
--- a/docker/services/glance-api.yaml
+++ b/docker/services/glance-api.yaml
@ -44,6 +44,16 @@ parameters:
    description: >
      When using GlanceBackend 'file', mount NFS share for image storage.
    type: boolean
+  GlanceNfsShare:
+    default: ''
+    description: >
+      NFS share to mount for image storage (when GlanceNfsEnabled is true)
+    type: string
+  GlanceNfsOptions:
+    default: 'intr,context=system_u:object_r:glance_var_lib_t:s0'
+    description: >
+      NFS mount options for image storage (when GlanceNfsEnabled is true)
+    type: string

 conditions:

@ -102,6 +112,10 @@ outputs:
              dest: "/etc/ceph/"
              merge: true
              preserve_properties: true
+          permissions:
+            - path: /var/lib/glance
+              owner: glance:glance
+              recurse: true
        /var/lib/kolla/config_files/glance_api_tls_proxy.json:
          command: /usr/sbin/httpd -DFOREGROUND
          config_files:
@ -176,6 +190,15 @@ outputs:
                      - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
                - {}
      host_prep_tasks:
+        - name: Mount NFS on host
+          vars:
+            nfs_backend_enable: {get_param: GlanceNfsEnabled}
+          mount: name=/var/lib/glance src="{{item.NFS_SHARE}}" fstype=nfs4 opts="{{item.NFS_OPTIONS}}" state=mounted
+          with_items:
+            - NFS_SHARE: {get_param: GlanceNfsShare}
+              NFS_OPTIONS: {get_param: GlanceNfsOptions}
+          when:
+            - nfs_backend_enable
        - name: create persistent logs directory
          file:
            path: "{{ item }}"