#!/bin/bash set -u FORMULA_DIR=$(dirname $0) ARG0=${0##*/} if [[ -e $FORMULA_DIR/swift-proxy-common ]] ; then . $FORMULA_DIR/swift-proxy-common else echo "ERROR: Could not load swift-proxy-common from $FORMULA_DIR" fi function install_hook { ### CANONICAL-SPECIFIC BEGIN ### # MAAS preseed is forcing apt to proxy through the deb caching proxy # on the MAAS server. This is preventing us from getting to # cloud-archive. Stop it. rm -f /etc/apt/apt.conf ### CANONICAL-SPECIFIC END ### apt-get -y --force-yes install python-software-properties || exit 1 add_ppa apt-get update for i in $PACKAGES ; do DEBIAN_FRONTEND=noninteractive apt-get -y --force-yes install $i done SWIFT_DEB_VERSION="$(dpkg-query -W -f='${Version}' 'swift-proxy')" # We are shipping swift-plugin-s3 here until it becomes available in # ubuntu-cloud.archive precise-updates/folsom if [ "${SWIFT_DEB_VERSION:0:3}" = "1.7" ]; then dpkg -i "$(dirname $0)/swift-plugin-s3_1.0.0~git201200618-0ubuntu1_all.deb" fi mkdir -p /etc/swift set_swift_hash || exit 1 create_proxy_conf mkdir $WWW_DIR chown www-data:www-data $WWW_DIR if [ "$USE_HTTPS" = "1" ]; then if [[ ! -e /etc/swift/cert.crt ]] ; then openssl req -new -x509 -nodes \ -out /etc/swift/cert.crt \ -keyout /etc/swift/cert.key \ -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALE/CN=$COMMON_NAME" fi fi perl -pi -e "s/-l 127.0.0.1/-l $PROXY_LOCAL_NET_IP/" /etc/memcached.conf service memcached restart echo "swift-proxy-node - install: Initializing rings" for i in account container object ; do initialize_ring $i ; done } function proxy_joined { exit 0 } function proxy_changed { HOST=`relation-get hostname` DEVICES=`relation-get device` get_zone [[ -z $ZONE ]] || [[ -z $HOST ]] || [[ -z $DEVICES ]] && \ echo "ZONE|HOST|DEVICES not set. Peer not ready? Exit 0 and wait." && exit 0 if [[ $ZONE -gt $REPLICAS ]] ; then echo "ERROR: Peer $JUJU_REMOTE_UNIT attempting to join a non-existent zone!" exit 1 fi PORT=6000 RINGS="object container account" IP=$(dig +short $HOST) for i in $RINGS ; do if [[ ! -e /etc/swift/$i.builder ]] ; then echo "Ring $i missing, initializing" initialize_ring $i fi done for i in $RINGS ; do for DEVICE in $(echo $DEVICES | sed 's/:/ /g'); do if ! exists_in_ring ; then add_to_ring $i $ZONE $IP $PORT $DEVICE || exit 1 else juju-log "swift-proxy: $IP:$PORT/$DEVICE already exists in $ZONE" fi done PORT=$[$PORT+1] done echo "Current peers:" relation-list current_peers=$(relation-list | wc -l) # checks to find out if we should rebalance rings balance_file="/var/run/juju/swift-balanced" if [[ $current_peers -lt $REPLICAS ]] ; then echo "Not enough peers to maitain minimum $REPLICAS replicas ($current_peers/$REPLICAS), skipping rebalance." exit 0 fi if [[ -e $balance_file ]] ; then [[ $(cat $balance_file | cut -d, -f1) == $current_peers ]] && \ echo "Ring already balanced since $current_peers present." exit 0 fi echo "Balancing rings" for i in $RINGS ; do rebalance_ring $i || exit 1 done chown -R swift:swift /etc/swift stamp=`date +%Y%M%d-%H%M%S` export_dir="$WWW_DIR/$stamp" echo "$current_peers,$stamp" > $balance_file # rings have been balanced, push out new rings to nodes via webserver mkdir $export_dir echo "Copying rings to $export_dir for client consumption" for i in $RINGS ; do cp /etc/swift/$i.ring.gz $export_dir done chown -R swift:swift /etc/swift chown -R www-data $WWW_DIR relation-set update_url="http://$(unit-get private-address)/swift-rings/$stamp" relation-set swift_hash=$(cat $SWIFT_HASH_FILE) swift-init proxy status || swift-init proxy start } function proxy_broken { # remove all ring configuration on broken rm -rf /etc/swift/*.ring.gz rm -rf /etc/swift/*.builder rm -rf /etc/swift/backups rm -rf /var/run/juju/swift-balanced rm -rf /var/run/juju/checked-in rm -rf /var/run/juju/swift-zone rm -rf /var/www/swift-rings } function object-store_joined { # until we use keystone or another real auth system, # just return a tempauth user from config. USER=$(cat /etc/swift/proxy-server.conf | grep user_system_root | awk '{ print $1 }') USER=${USER##*_} PASSWORD=$(cat /etc/swift/proxy-server.conf | grep user_system_root | cut -d= -f2 | awk '{ print $1 }') URL=https://$(unit-get private-address):8080/auth/v1.0 relation-set user=$USER password=$PASSWORD url=$URL } [[ -d /etc/swift ]] && chown -R swift /etc/swift juju-log "swift-proxy: Firing hook $ARG0" case $ARG0 in "install") install_hook ;; "start"|"stop") exit 0 ;; "swift-proxy-relation-joined") proxy_joined ;; "swift-proxy-relation-changed") proxy_changed ;; "swift-proxy-relation-broken") proxy_broken ;; "object-store-relation-joined") object-store_joined ;; "object-store-relation-changed") exit 0 ;; esac