diff --git a/CHANGELOG.md b/CHANGELOG.md index 19b5933..46bf517 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ This file is used to list changes made in each version of cookbook-openstack-obj * Bump Chef gem to 11.16 * Add keystone registration support * Use Common bind endpoint +* Add swift.conf template ## 9.0.3 * Bugfix run_command exitstatus diff --git a/README.md b/README.md index cbecab7..266f7a4 100644 --- a/README.md +++ b/README.md @@ -77,18 +77,6 @@ Attributes * ```default[:swift][:swauth_version]``` - Specifies git repo tagged branch. Default "1.0.8" - * ```default[:swift][:swift_secret_databag_name]``` - this cookbook supports an optional secret databag where we will retrieve the following attributes overriding any default attributes below. (defaults to nil) - -``` - { - "id": "swift_dal2", - "swift_hash": "1a7c0568fa84" - "swift_authkey": "keY4all" - "dispersion_auth_user": "ops:dispersion", - "dispersion_auth_key": "dispersionpass" - } -``` - * ```default[:swift][:swift_hash]``` - swift_hash_path_suffix in /etc/swift/swift.conf (defaults to 107c0568ea84) * ```default[:swift][:audit_hour]``` - Hour to run swift_auditor on storage nodes (defaults to 5) @@ -135,6 +123,17 @@ For "swauth", the following attributes are used: * ```default[:swift][:authkey]``` - swauth super admin key if using swauth (defaults to test) +The following secrets can be defined in the databag defined in Common ['openstack']['secret']['secrets_data_bag'] + +``` + { + "swift_hash": "1a7c0568fa84" + "swift_authkey": "keY4all" + "dispersion_auth_user": "ops:dispersion", + "dispersion_auth_key": "dispersionpass" + } +``` + In addition, because swift is typically deployed as a cluster there are some attributes used to find interfaces and ip addresses on storage nodes: diff --git a/attributes/default.rb b/attributes/default.rb index 5e85446..fb652f2 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -24,26 +24,97 @@ default['openstack']['object-storage']['service_role'] = 'admin' default['openstack']['compute']['region'] = node['openstack']['region'] +# Set to some text value if you want templated config files +# to contain a custom banner at the top of the written file +default['openstack']['object-storage']['custom_template_banner'] = " +# This file autogenerated by Chef +# Do not edit, changes will be overwritten +" + #-------------------- # node/ring settings #-------------------- default['openstack']['object-storage']['state'] = {} -default['openstack']['object-storage']['swift_hash'] = '107c0568ea84' default['openstack']['object-storage']['audit_hour'] = '5' default['openstack']['object-storage']['disk_enum_expr'] = 'node[:block_device]' default['openstack']['object-storage']['auto_rebuild_rings'] = false default['openstack']['object-storage']['git_builder_ip'] = '127.0.0.1' +# swift_hash_path_suffix and swift_hash_path_prefix are used as part of the +# the hashing algorithm when determining data placement in the cluster. +# These values should remain secret and MUST NOT change +# once a cluster has been deployed. +# Deprecated in juno, use swift_hash_path_prefix +default['openstack']['object-storage']['swift_hash'] = nil +# A value of nil will get the hash from the get_secret library method in common +default['openstack']['object-storage']['swift_hash_path_prefix'] = node['openstack']['object-storage']['swift_hash'] +default['openstack']['object-storage']['swift_hash_path_suffix'] = nil + +# The swift-constraints section sets the basic constraints on data +# saved in the swift cluster. These constraints are automatically +# published by the proxy server in responses to /info requests. + +# max_file_size is the largest "normal" object that can be saved in +# the cluster. This is also the limit on the size of each segment of +# a "large" object when using the large object manifest support. +# This value is set in bytes. Setting it to lower than 1MiB will cause +# some tests to fail. It is STRONGLY recommended to leave this value at +# the default (5 * 2**30 + 2). +default['openstack']['object-storage']['max_file_size'] = 5368709122 +# max_meta_name_length is the max number of bytes in the utf8 encoding +# of the name portion of a metadata header. +default['openstack']['object-storage']['max_meta_name_length'] = 128 +# max_meta_value_length is the max number of bytes in the utf8 encoding +# of a metadata value +default['openstack']['object-storage']['max_meta_value_length'] = 256 +# max_meta_count is the max number of metadata keys that can be stored +# on a single account, container, or object +default['openstack']['object-storage']['max_meta_count'] = 90 +# max_meta_overall_size is the max number of bytes in the utf8 encoding +# of the metadata (keys + values) +default['openstack']['object-storage']['max_meta_overall_size'] = 4096 +# max_header_size is the max number of bytes in the utf8 encoding of each +# header. Using 8192 as default because eventlet use 8192 as max size of +# header line. This value may need to be increased when using identity +# v3 API tokens including more than 7 catalog entries. +# See also include_service_catalog in proxy-server.conf-sample +# (documented in overview_auth.rst) +default['openstack']['object-storage']['max_header_size'] = 8192 +# max_object_name_length is the max number of bytes in the utf8 encoding +# of an object name +default['openstack']['object-storage']['max_object_name_length'] = 1024 +# container_listing_limit is the default (and max) number of items +# returned for a container listing request +default['openstack']['object-storage']['container_listing_limit'] = 10000 +# account_listing_limit is the default (and max) number of items returned +# for an account listing request +default['openstack']['object-storage']['account_listing_limit'] = 10000 +# max_account_name_length is the max number of bytes in the utf8 encoding +# of an account name +default['openstack']['object-storage']['max_account_name_length'] = 256 +# max_container_name_length is the max number of bytes in the utf8 encoding +# of a container name +default['openstack']['object-storage']['max_container_name_length'] = 256 + # the release only has any effect on ubuntu, and must be # a valid release on http://ubuntu-cloud.archive.canonical.com/ubuntu default['openstack']['object-storage']['release'] = 'juno' +# Use the openstack-common cookbook databags with the +# following keys: +# secret tokens +# "swift_hash_path_prefix" +# "swift_hash_path_suffix" +# "swift_authkey" +# "dispersion_auth_key" +# "dispersion_auth_user" + +# The follow swift specific databag support is DEPRECATED. # we support an optional secret databag where we will retrieve the # following attributes overriding any default attributes here # # { -# "id": "swift_dal2", # "swift_hash": "107c0568ea84" # "swift_authkey": "keW4all" # "dispersion_auth_user": "test:test", @@ -67,7 +138,7 @@ default['openstack']['object-storage']['container_server_chef_role'] = 'swift-c #-------------------- default['openstack']['object-storage']['authmode'] = 'swauth' -default['openstack']['object-storage']['authkey'] = 'test' +default['openstack']['object-storage']['authkey'] = nil default['openstack']['object-storage']['swift_url'] = 'http://127.0.0.1:8080/v1/' default['openstack']['object-storage']['swauth_url'] = 'http://127.0.0.1:8080/v1/' default['openstack']['object-storage']['auth_url'] = 'http://127.0.0.1:8080/auth/v1.0' @@ -76,8 +147,8 @@ default['openstack']['object-storage']['auth_url'] = 'http://127.0. # dispersion settings #--------------------- -default['openstack']['object-storage']['dispersion']['auth_user'] = 'test:test' -default['openstack']['object-storage']['dispersion']['auth_key'] = 'test' +default['openstack']['object-storage']['dispersion']['auth_user'] = nil +default['openstack']['object-storage']['dispersion']['auth_key'] = nil # settings for the swift ring - these default settings are # a safe setting for testing but part_power should be set to diff --git a/recipes/common.rb b/recipes/common.rb index 26ef82d..ea86621 100644 --- a/recipes/common.rb +++ b/recipes/common.rb @@ -79,18 +79,25 @@ end # determine hash if node['openstack']['object-storage']['swift_secret_databag_name'].nil? - swifthash = node['openstack']['object-storage']['swift_hash'] + swift_hash_path_prefix = node['openstack']['object-storage']['swift_hash_path_prefix'] + swift_hash_path_prefix = get_secret 'swift_hash_path_prefix' if swift_hash_path_prefix.nil? + swift_hash_path_suffix = node['openstack']['object-storage']['swift_hash_path_suffix'] + swift_hash_path_suffix = get_secret 'swift_hash_path_suffix' if swift_hash_path_suffix.nil? else + # Deprecated, else case to be removed. swift_secrets = Chef::EncryptedDataBagItem.load 'secrets', node['openstack']['object-storage']['swift_secret_databag_name'] - swifthash = swift_secrets['swift_hash'] + swift_hash_path_prefix = swift_secrets['swift_hash'] end -file '/etc/swift/swift.conf' do - action :create +template '/etc/swift/swift.conf' do + source 'swift.conf.erb' owner 'swift' group 'swift' mode 0700 - content "[swift-hash]\nswift_hash_path_suffix=#{swifthash}\n" + variables( + swift_hash_path_prefix: swift_hash_path_prefix, + swift_hash_path_suffix: swift_hash_path_suffix + ) only_if '/usr/bin/id swift' end diff --git a/recipes/management-server.rb b/recipes/management-server.rb index 0df8c60..2a94a48 100644 --- a/recipes/management-server.rb +++ b/recipes/management-server.rb @@ -57,8 +57,12 @@ end # determine where to find dispersion login information if node['openstack']['object-storage']['swift_secret_databag_name'].nil? auth_user = node['openstack']['object-storage']['dispersion']['auth_user'] + auth_user = get_secret 'dispersion_auth_user' if auth_user.nil? + auth_key = node['openstack']['object-storage']['dispersion']['auth_key'] + auth_key = get_secret 'dispersion_auth_key' if auth_key.nil? else + # Deprecated, else case to be removed. swift_secrets = Chef::EncryptedDataBagItem.load 'secrets', node['openstack']['object-storage']['swift_secret_databag_name'] auth_user = swift_secrets['dispersion_auth_user'] auth_key = swift_secrets['dispersion_auth_key'] diff --git a/recipes/proxy-server.rb b/recipes/proxy-server.rb index 80b9c58..3d6e52a 100644 --- a/recipes/proxy-server.rb +++ b/recipes/proxy-server.rb @@ -122,7 +122,9 @@ end # determine authkey to use if node['openstack']['object-storage']['swift_secret_databag_name'].nil? authkey = node['openstack']['object-storage']['authkey'] + authkey = get_secret 'swift_authkey' if authkey.nil? else + # Deprecated, else case to be removed. swift_secrets = Chef::EncryptedDataBagItem.load 'secrets', node['openstack']['object-storage']['swift_secret_databag_name'] authkey = swift_secrets['swift_authkey'] end diff --git a/spec/account_spec.rb b/spec/account_spec.rb index be25f00..5866748 100644 --- a/spec/account_spec.rb +++ b/spec/account_spec.rb @@ -37,6 +37,10 @@ describe 'openstack-object-storage::account-server' do describe '/etc/swift/account-server.conf' do let(:file) { chef_run.template('/etc/swift/account-server.conf') } + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + it 'creates account-server.conf' do expect(chef_run).to create_template(file.name).with( user: 'swift', diff --git a/spec/common_spec.rb b/spec/common_spec.rb index fd3c86a..10fecc1 100644 --- a/spec/common_spec.rb +++ b/spec/common_spec.rb @@ -15,6 +15,22 @@ describe 'openstack-object-storage::common' do expect(chef_run).to include_recipe('openstack-common::sysctl') end + it 'upgrades swift packages' do + expect(chef_run).to upgrade_package('swift') + end + + it 'does not create swift user' do + expect(chef_run).not_to create_user('swift').with( + shell: '/bin/bash' + ) + end + + it 'executes pull rings' do + expect(chef_run).to run_execute('/etc/swift/pull-rings.sh').with( + cwd: '/etc/swift' + ) + end + describe '60-openstack.conf' do let(:file) { chef_run.template('/etc/sysctl.d/60-openstack.conf') } @@ -59,10 +75,14 @@ describe 'openstack-object-storage::common' do end describe '/etc/swift/swift.conf' do - let(:file) { chef_run.file('/etc/swift/swift.conf') } + let(:file) { chef_run.template('/etc/swift/swift.conf') } + + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end it 'creates swift.conf' do - expect(chef_run).to create_file(file.name).with( + expect(chef_run).to create_template(file.name).with( user: 'swift', group: 'swift', mode: 0700 @@ -70,13 +90,44 @@ describe 'openstack-object-storage::common' do end it 'template contents' do - skip 'TODO: implement' + [ + /^swift_hash_path_prefix = swift_hash_path_prefix-secret$/, + /^swift_hash_path_suffix = swift_hash_path_suffix-secret$/, + /^max_file_size = 5368709122$/, + /^max_meta_name_length = 128$/, + /^max_meta_value_length = 256$/, + /^max_meta_count = 90$/, + /^max_meta_overall_size = 4096$/, + /^max_header_size = 8192$/, + /^max_object_name_length = 1024$/, + /^container_listing_limit = 10000$/, + /^account_listing_limit = 10000$/, + /^max_account_name_length = 256$/, + /^max_container_name_length = 256$/ + ].each do |content| + expect(chef_run).to render_file(file.name).with_content(content) + end + end + + it 'template contents with hash overrides' do + node.set['openstack']['object-storage']['swift_hash_path_prefix'] = '1234' + node.set['openstack']['object-storage']['swift_hash_path_suffix'] = '4321' + [ + /^swift_hash_path_prefix = 1234$/, + /^swift_hash_path_suffix = 4321$/ + ].each do |content| + expect(chef_run).to render_file(file.name).with_content(content) + end end end describe '/etc/swift/pull-rings.sh' do let(:file) { chef_run.template('/etc/swift/pull-rings.sh') } + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + it 'creates pull-rings.sh' do expect(chef_run).to create_template(file.name).with( user: 'swift', diff --git a/spec/container_spec.rb b/spec/container_spec.rb index 4caaf93..4e11068 100644 --- a/spec/container_spec.rb +++ b/spec/container_spec.rb @@ -30,6 +30,36 @@ describe 'openstack-object-storage::container-server' do end end + describe '/etc/swift/container-server.conf' do + let(:file) { chef_run.template('/etc/swift/container-server.conf') } + + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + + it 'creates account-server.conf' do + expect(chef_run).to create_template(file.name).with( + user: 'swift', + group: 'swift', + mode: 0600 + ) + end + + it 'has allowed sync hosts' do + node.set['openstack']['object-storage']['container-server']['allowed_sync_hosts'] = %w(host1 host2) + expect(chef_run).to render_file(file.name).with_content('allowed_sync_hosts = host1,host2') + end + + { 'bind_ip' => '0.0.0.0', + 'bind_port' => '6001', + 'log_statsd_default_sample_rate' => '1', + 'log_statsd_metric_prefix' => 'openstack.swift.Fauxhai' }.each do |k, v| + it "sets the #{k}" do + expect(chef_run).to render_file(file.name).with_content(/^#{Regexp.quote("#{k} = #{v}")}$/) + end + end + end + describe 'container sync' do let(:file) { chef_run.cookbook_file('/etc/init/swift-container-sync.conf') } let(:link) { chef_run.link('/etc/init.d/swift-container-sync') } diff --git a/spec/management_spec.rb b/spec/management_spec.rb index 8cd64ee..9374bf7 100644 --- a/spec/management_spec.rb +++ b/spec/management_spec.rb @@ -18,6 +18,10 @@ describe 'openstack-object-storage::management-server' do describe '/etc/swift/dispersion.conf' do let(:file) { chef_run.template('/etc/swift/dispersion.conf') } + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + it 'creates dispersion.conf' do expect(chef_run).to create_template(file.name).with( user: 'swift', @@ -36,11 +40,11 @@ describe 'openstack-object-storage::management-server' do end it 'uses default attribute value for dispersion auth_user' do - expect(chef_run.node['openstack']['object-storage']['dispersion']['auth_user']).to eq('test:test') + expect(chef_run.node['openstack']['object-storage']['dispersion']['auth_user']).to eq(nil) end it 'uses default attribute value for dispersion auth_key' do - expect(chef_run.node['openstack']['object-storage']['dispersion']['auth_key']).to eq('test') + expect(chef_run.node['openstack']['object-storage']['dispersion']['auth_key']).to eq(nil) end end @@ -50,7 +54,15 @@ describe 'openstack-object-storage::management-server' do expect(chef_run).to render_file(file.name).with_content(/^auth_url = auth_url_value$/) end - context 'with databag' do + context 'with user databag' do + %w(user key).each do |attr| + it "sets the auth_#{attr}" do + expect(chef_run).to render_file(file.name).with_content(/^auth_#{attr} = dispersion_auth_#{attr}-secret$/) + end + end + end + + context 'with swift databag' do let(:swift_secrets) do { 'dispersion_auth_user' => 'dispersion_auth_user_value', 'dispersion_auth_key' => 'dispersion_auth_key_value' } @@ -70,7 +82,7 @@ describe 'openstack-object-storage::management-server' do end end - context 'without databag' do + context 'without swift databag' do before do node.set['openstack']['object-storage']['swift_secret_databag_name'] = nil end @@ -82,6 +94,29 @@ describe 'openstack-object-storage::management-server' do end end end + + it 'template default contents' do + [ + %r{^auth_url = http://127.0.0.1:8080/auth/v1.0$}, + /^auth_user = dispersion_auth_user-secret$/, + /^auth_key = dispersion_auth_key-secret$/ + ].each do |content| + expect(chef_run).to render_file(file.name).with_content(content) + end + end + + it 'has template overrides' do + node.set['openstack']['object-storage']['auth_url'] = 'url' + node.set['openstack']['object-storage']['dispersion']['auth_user'] = 'user' + node.set['openstack']['object-storage']['dispersion']['auth_key'] = 'key' + [ + /^auth_url = url$/, + /^auth_user = user$/, + /^auth_key = key$/ + ].each do |content| + expect(chef_run).to render_file(file.name).with_content(content) + end + end end end diff --git a/spec/object_spec.rb b/spec/object_spec.rb index 129896f..62615ce 100644 --- a/spec/object_spec.rb +++ b/spec/object_spec.rb @@ -39,6 +39,10 @@ describe 'openstack-object-storage::object-server' do describe '/etc/swift/object-server.conf' do let(:file) { chef_run.template('/etc/swift/object-server.conf') } + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + it 'creates object-server.conf' do expect(chef_run).to create_template(file.name).with( user: 'swift', diff --git a/spec/proxy_spec.rb b/spec/proxy_spec.rb index bc8c334..b161a91 100644 --- a/spec/proxy_spec.rb +++ b/spec/proxy_spec.rb @@ -33,6 +33,10 @@ describe 'openstack-object-storage::proxy-server' do describe '/etc/swift/proxy-server.conf' do let(:file) { chef_run.template('/etc/swift/proxy-server.conf') } + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + it 'creates proxy-server.conf' do expect(chef_run).to create_template(file.name).with( user: 'swift', @@ -44,10 +48,26 @@ describe 'openstack-object-storage::proxy-server' do describe 'default attribute values' do it_behaves_like 'a common swift server default attribute values checker', 'proxy', nil, nil + it 'has default contents' do + array = [ + /^pipeline = catch_errors healthcheck cache ratelimit swauth proxy-logging proxy-server$/, + /^workers = auto$/, + /^super_admin_key = swift_authkey-secret$/ + ] + array.each do |content| + expect(chef_run).to render_file(file.name).with_content(content) + end + end + it 'uses default attribute value for authmode' do expect(chef_run.node['openstack']['object-storage']['authmode']).to eq('swauth') end + it 'has auth key override' do + node.set['openstack']['object-storage']['authkey'] = '1234' + expect(chef_run).to render_file(file.name).with_content(/^super_admin_key = 1234$/) + end + %w(tempurl formpost domain_remap staticweb).each do |attr| it "uses default attribute value for #{attr} enabled" do expect(chef_run.node['openstack']['object-storage'][attr]['enabled']).to eq(false) diff --git a/spec/rsync_spec.rb b/spec/rsync_spec.rb index 2fe0836..9d5c433 100644 --- a/spec/rsync_spec.rb +++ b/spec/rsync_spec.rb @@ -24,6 +24,10 @@ describe 'openstack-object-storage::rsync' do describe '/etc/rsyncd.conf' do let(:file) { chef_run.template('/etc/rsyncd.conf') } + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + it 'creates /etc/rsyncd.conf' do expect(chef_run).to create_template(file.name).with( mode: 0644 diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 358bd74..ba16a1a 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -77,6 +77,21 @@ shared_context 'swift-stubs' do allow_any_instance_of(Chef::Recipe).to receive(:get_password) .with('service', 'openstack-object-storage') .and_return('swift-pass') + allow_any_instance_of(Chef::Recipe).to receive(:get_secret) + .with('swift_hash_path_prefix') + .and_return('swift_hash_path_prefix-secret') + allow_any_instance_of(Chef::Recipe).to receive(:get_secret) + .with('swift_hash_path_suffix') + .and_return('swift_hash_path_suffix-secret') + allow_any_instance_of(Chef::Recipe).to receive(:get_secret) + .with('swift_authkey') + .and_return('swift_authkey-secret') + allow_any_instance_of(Chef::Recipe).to receive(:get_secret) + .with('dispersion_auth_user') + .and_return('dispersion_auth_user-secret') + allow_any_instance_of(Chef::Recipe).to receive(:get_secret) + .with('dispersion_auth_key') + .and_return('dispersion_auth_key-secret') end end @@ -162,3 +177,10 @@ shared_examples 'a common swift server default attribute values checker' do |ser expect(chef_run.node['openstack']['object-storage']["#{server_type}-server"]['workers']).to eq('auto') end end + +shared_examples 'custom template banner displayer' do + it 'shows the custom banner' do + node.set['openstack']['object-storage']['custom_template_banner'] = 'custom_template_banner_value' + expect(chef_run).to render_file(file_name).with_content(/^custom_template_banner_value$/) + end +end diff --git a/spec/storage-common_spec.rb b/spec/storage-common_spec.rb index 3f8c75c..1bb413c 100644 --- a/spec/storage-common_spec.rb +++ b/spec/storage-common_spec.rb @@ -26,6 +26,10 @@ describe 'openstack-object-storage::storage-common' do describe '/etc/swift/drive-audit.conf' do let(:file) { chef_run.template('/etc/swift/drive-audit.conf') } + it_behaves_like 'custom template banner displayer' do + let(:file_name) { file.name } + end + it 'creates drive-audit.conf' do expect(chef_run).to create_template(file.name).with( user: 'swift', diff --git a/templates/default/account-server.conf.erb b/templates/default/account-server.conf.erb index 5e6cf84..1f92102 100644 --- a/templates/default/account-server.conf.erb +++ b/templates/default/account-server.conf.erb @@ -1,3 +1,5 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + [DEFAULT] # bind_ip = 0.0.0.0 # bind_port = 6002 diff --git a/templates/default/container-server.conf.erb b/templates/default/container-server.conf.erb index 787a6c4..4d3ff36 100644 --- a/templates/default/container-server.conf.erb +++ b/templates/default/container-server.conf.erb @@ -1,3 +1,5 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + [DEFAULT] bind_ip = <%= @bind_ip %> bind_port = <%= @bind_port %> diff --git a/templates/default/dispersion.conf.erb b/templates/default/dispersion.conf.erb index 3a1cd87..d4d89ed 100644 --- a/templates/default/dispersion.conf.erb +++ b/templates/default/dispersion.conf.erb @@ -1,3 +1,5 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + [dispersion] auth_url = <%= @auth_url %> auth_user = <%= @auth_user %> diff --git a/templates/default/drive-audit.conf.erb b/templates/default/drive-audit.conf.erb index ddde011..d32a089 100644 --- a/templates/default/drive-audit.conf.erb +++ b/templates/default/drive-audit.conf.erb @@ -1,3 +1,5 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + [drive-audit] log_facility = LOG_LOCAL0 log_level = INFO diff --git a/templates/default/object-server.conf.erb b/templates/default/object-server.conf.erb index 0f1fc5e..d933964 100644 --- a/templates/default/object-server.conf.erb +++ b/templates/default/object-server.conf.erb @@ -1,3 +1,5 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + [DEFAULT] bind_ip = <%= @bind_ip %> bind_port = <%= @bind_port %> diff --git a/templates/default/proxy-server.conf.erb b/templates/default/proxy-server.conf.erb index 3b66bc2..dbd4497 100644 --- a/templates/default/proxy-server.conf.erb +++ b/templates/default/proxy-server.conf.erb @@ -1,3 +1,4 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> <% pipeline = [] diff --git a/templates/default/pull-rings.sh.erb b/templates/default/pull-rings.sh.erb index 5e4f57c..4696acf 100644 --- a/templates/default/pull-rings.sh.erb +++ b/templates/default/pull-rings.sh.erb @@ -1,4 +1,5 @@ #!/bin/bash +<%= node['openstack']['object-storage']['custom_template_banner'] %> # this has to be run as root to restart the services... diff --git a/templates/default/rsyncd.conf.erb b/templates/default/rsyncd.conf.erb index 5bd8526..7de8603 100644 --- a/templates/default/rsyncd.conf.erb +++ b/templates/default/rsyncd.conf.erb @@ -1,3 +1,5 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + uid = swift gid = swift diff --git a/templates/default/simple-redhat-init-config.erb b/templates/default/simple-redhat-init-config.erb index 28c002f..6cd975d 100644 --- a/templates/default/simple-redhat-init-config.erb +++ b/templates/default/simple-redhat-init-config.erb @@ -1,4 +1,5 @@ #!/bin/sh +<%= node['openstack']['object-storage']['custom_template_banner'] %> ### BEGIN INIT INFO # Provides: <%= @exec %> diff --git a/templates/default/simple-systemd-config.erb b/templates/default/simple-systemd-config.erb index 3958250..8dc0ba8 100644 --- a/templates/default/simple-systemd-config.erb +++ b/templates/default/simple-systemd-config.erb @@ -1,3 +1,5 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + [Unit] Description=<%= @description %> After=syslog.target network.target diff --git a/templates/default/swift-statsd-publish.py.erb b/templates/default/swift-statsd-publish.py.erb index 1b88d59..99cadf3 100644 --- a/templates/default/swift-statsd-publish.py.erb +++ b/templates/default/swift-statsd-publish.py.erb @@ -16,9 +16,9 @@ # License for the specific language governing permissions and limitations # under the License. # -""" -THIS FILE WAS INSTALLED BY CHEF. ANY CHANGES WILL BE OVERWRITTEN. +<%= node['openstack']['object-storage']['custom_template_banner'] %> +""" Openstack swift collector for recon and dispersion reports. Will send back dispersion reporting metrics as well as swift recon statistics to a statsd server for graphite consumption diff --git a/templates/default/swift.conf.erb b/templates/default/swift.conf.erb new file mode 100644 index 0000000..9c45919 --- /dev/null +++ b/templates/default/swift.conf.erb @@ -0,0 +1,50 @@ +<%= node['openstack']['object-storage']['custom_template_banner'] %> + +[swift-hash] +swift_hash_path_prefix = <%= @swift_hash_path_prefix %> +swift_hash_path_suffix = <%= @swift_hash_path_suffix %> + +# storage policies are defined here and determine various characteristics +# about how objects are stored and treated. Policies are specified by name on +# a per container basis. Names are case-insensitive. The policy index is +# specified in the section header and is used internally. The policy with +# index 0 is always used for legacy containers and can be given a name for use +# in metadata however the ring file name will always be 'object.ring.gz' for +# backwards compatibility. If no policies are defined a policy with index 0 +# will be automatically created for backwards compatibility and given the name +# Policy-0. A default policy is used when creating new containers when no +# policy is specified in the request. If no other policies are defined the +# policy with index 0 will be declared the default. If multiple policies are +# defined you must define a policy with index 0 and you must specify a +# default. It is recommended you always define a section for +# storage-policy:0. +[storage-policy:0] +name = Policy-0 +default = yes + +# the following section would declare a policy called 'silver', the number of +# replicas will be determined by how the ring is built. In this example the +# 'silver' policy could have a lower or higher # of replicas than the +# 'Policy-0' policy above. The ring filename will be 'object-1.ring.gz'. You +# may only specify one storage policy section as the default. If you changed +# this section to specify 'silver' as the default, when a client created a new +# container w/o a policy specified, it will get the 'silver' policy because +# this config has specified it as the default. However if a legacy container +# (one created with a pre-policy version of swift) is accessed, it is known +# implicitly to be assigned to the policy with index 0 as opposed to the +# current default. +#[storage-policy:1] +#name = silver + +[swift-constraints] +max_file_size = <%= node['openstack']['object-storage']['max_file_size'] %> +max_meta_name_length = <%= node['openstack']['object-storage']['max_meta_name_length'] %> +max_meta_value_length = <%= node['openstack']['object-storage']['max_meta_value_length'] %> +max_meta_count = <%= node['openstack']['object-storage']['max_meta_count'] %> +max_meta_overall_size = <%= node['openstack']['object-storage']['max_meta_overall_size'] %> +max_header_size = <%= node['openstack']['object-storage']['max_header_size'] %> +max_object_name_length = <%= node['openstack']['object-storage']['max_object_name_length'] %> +container_listing_limit = <%= node['openstack']['object-storage']['container_listing_limit'] %> +account_listing_limit = <%= node['openstack']['object-storage']['account_listing_limit'] %> +max_account_name_length = <%= node['openstack']['object-storage']['max_account_name_length'] %> +max_container_name_length = <%= node['openstack']['object-storage']['max_container_name_length'] %>