diff --git a/deployment/puppet/openstack/manifests/swift/proxy.pp b/deployment/puppet/openstack/manifests/swift/proxy.pp index a4cf8cad6f..5c3702e0e6 100644 --- a/deployment/puppet/openstack/manifests/swift/proxy.pp +++ b/deployment/puppet/openstack/manifests/swift/proxy.pp @@ -34,11 +34,7 @@ class openstack::swift::proxy ( $ratelimit_rate_buffer_seconds = 5, $ratelimit_account_ratelimit = 0, $package_ensure = 'present', - $controller_node_address = '10.0.0.1', - $swift_proxies = { - '127.0.0.1' => '127.0.0.1' - } - , + $swift_proxies_cache = ['127.0.0.1'], $primary_proxy = false, $swift_devices = undef, $master_swift_proxy_ip = undef, @@ -48,6 +44,11 @@ class openstack::swift::proxy ( $verbose = true, $log_facility = 'LOG_LOCAL1', $ceilometer = false, + $admin_user = 'swift', + $admin_tenant_name = 'services', + $admin_password = 'password', + $auth_host = '10.0.0.1', + $auth_protocol = 'http', ) { if !defined(Class['swift']) { class { 'swift': @@ -101,7 +102,7 @@ class openstack::swift::proxy ( '::swift::proxy::slo',]: } - $cache_addresses = inline_template("<%= @swift_proxies.values.uniq.sort.collect {|ip| ip + ':11211' }.join ',' %>") + $cache_addresses = inline_template("<%= @swift_proxies_cache.uniq.sort.collect {|ip| ip + ':11211' }.join ',' %>") class { '::swift::proxy::cache': memcache_servers => split($cache_addresses, ',') } @@ -114,8 +115,9 @@ class openstack::swift::proxy ( } class { '::swift::proxy::s3token': - auth_host => $controller_node_address, - auth_port => '35357', + auth_host => $auth_host, + auth_port => '35357', + auth_protocol => $auth_protocol, } class { '::swift::proxy::keystone': @@ -123,10 +125,11 @@ class openstack::swift::proxy ( } class { '::swift::proxy::authtoken': - admin_user => 'swift', - admin_tenant_name => 'services', - admin_password => $swift_user_password, - auth_host => $controller_node_address, + admin_user => $admin_user, + admin_tenant_name => $admin_tenant_name, + admin_password => $admin_password, + auth_host => $auth_host, + auth_protocol => $auth_protocol, } if $primary_proxy { @@ -159,8 +162,7 @@ class openstack::swift::proxy ( Swift::Ringbuilder::Create<||> -> Ring_devices<||> ~> Swift::Ringbuilder::Rebalance <||> - - } else { + } else { validate_string($master_swift_proxy_ip) if member($rings, 'account') and ! defined(Swift::Ringsync['account']) { diff --git a/deployment/puppet/osnailyfacter/modular/swift/swift.pp b/deployment/puppet/osnailyfacter/modular/swift/swift.pp index 1de98c7c37..353f798921 100644 --- a/deployment/puppet/osnailyfacter/modular/swift/swift.pp +++ b/deployment/puppet/osnailyfacter/modular/swift/swift.pp @@ -1,26 +1,34 @@ notice('MODULAR: swift.pp') -$swift_hash = hiera('swift_hash') -$swift_master_role = hiera('swift_master_role', 'primary-controller') -$swift_nodes = pick(hiera('swift_nodes', undef), hiera('controllers', undef)) -$swift_proxies = pick(hiera('swift_proxies', undef), hiera('controller_internal_addresses', undef)) -$primary_swift = pick(hiera('primary_swift', undef), hiera('primary_controller', undef)) -$proxy_port = hiera('proxy_port', '8080') -$network_scheme = hiera('network_scheme', {}) -$storage_hash = hiera('storage_hash') -$mp_hash = hiera('mp') -$management_vip = hiera('management_vip') -$debug = hiera('debug', false) -$verbose = hiera('verbose') -$storage_address = hiera('storage_address') -$node = hiera('node') -$ring_min_part_hours = hiera('swift_ring_min_part_hours', 1) +$swift_hash = hiera_hash('swift_hash') +$swift_master_role = hiera('swift_master_role', 'primary-controller') +$swift_nodes = pick(hiera('swift_nodes', undef), hiera('controllers', undef)) +$swift_proxies_cache = pick(hiera('swift_proxies_cache', undef), hiera('controller_nodes', undef)) +$primary_swift = pick(hiera('primary_swift', undef), hiera('primary_controller', undef)) +$proxy_port = hiera('proxy_port', '8080') +$network_scheme = hiera('network_scheme', {}) +$storage_hash = hiera('storage_hash') +$mp_hash = hiera('mp') +$management_vip = hiera('management_vip') +$debug = hiera('debug', false) +$verbose = hiera('verbose') +$storage_address = hiera('storage_address') +$node = hiera('node') +$ring_min_part_hours = hiera('swift_ring_min_part_hours', 1) +$deploy_swift_storage = hiera('deploy_swift_storage', true) +$deploy_swift_proxy = hiera('deploy_swift_proxy', true) +$create_keystone_auth = pick($swift_hash['create_keystone_auth'], true) +#Keystone settings +$service_endpoint = hiera('service_endpoint', $management_vip) +$keystone_endpoint = hiera('keystone_endpoint', $service_endpoint) +$keystone_user = pick($swift_hash['user'], 'swift') +$keystone_password = pick($swift_hash['user_password'], 'passsword') +$keystone_tenant = pick($swift_hash['tenant'], 'services') +$keystone_protocol = pick($swift_hash['auth_protocol'], 'http') # Use Swift if it isn't replaced by vCenter, Ceph for BOTH images and objects if !($storage_hash['images_ceph'] and $storage_hash['objects_ceph']) and !$storage_hash['images_vcenter'] { - if !(hiera('swift_partition', false)) { - $swift_partition = '/var/lib/glance/node' - } + $swift_partition = hiera('swift_partition', '/var/lib/glance/node') $master_swift_proxy_nodes = filter_nodes(hiera('nodes_hash'),'role',$swift_master_role) $master_swift_proxy_ip = $master_swift_proxy_nodes[0]['storage_address'] if ($primary_swift) { @@ -28,19 +36,20 @@ if !($storage_hash['images_ceph'] and $storage_hash['objects_ceph']) and !$stora } else { $primary_proxy = false } - - class { 'openstack::swift::storage_node': - storage_type => false, - loopback_size => '5243780', - storage_mnt_base_dir => $swift_partition, - storage_devices => filter_hash($mp_hash,'point'), - swift_zone => $node[0]['swift_zone'], - swift_local_net_ip => $storage_address, - master_swift_proxy_ip => $master_swift_proxy_ip, - sync_rings => ! $primary_proxy, - debug => $debug, - verbose => $verbose, - log_facility => 'LOG_SYSLOG', + if ($deploy_swift_storage){ + class { 'openstack::swift::storage_node': + storage_type => false, + loopback_size => '5243780', + storage_mnt_base_dir => $swift_partition, + storage_devices => filter_hash($mp_hash,'point'), + swift_zone => $node[0]['swift_zone'], + swift_local_net_ip => $storage_address, + master_swift_proxy_ip => $master_swift_proxy_ip, + sync_rings => ! $primary_proxy, + debug => $debug, + verbose => $verbose, + log_facility => 'LOG_SYSLOG', + } } if $primary_proxy { ring_devices {'all': @@ -49,46 +58,49 @@ if !($storage_hash['images_ceph'] and $storage_hash['objects_ceph']) and !$stora } } - if has_key($swift_hash, 'resize_value') { - $resize_value = $swift_hash['resize_value'] - } else { - $resize_value = 2 + if ($deploy_swift_proxy){ + $resize_value = pick($swift_hash['resize_value'], 2) + + $ring_part_power = calc_ring_part_power($swift_nodes,$resize_value) + $sto_net = $network_scheme['endpoints'][$network_scheme['roles']['storage']]['IP'] + $man_net = $network_scheme['endpoints'][$network_scheme['roles']['management']]['IP'] + + class { 'openstack::swift::proxy': + swift_user_password => $swift_hash['user_password'], + swift_proxies_cache => $swift_proxies_cache, + ring_part_power => $ring_part_power, + primary_proxy => $primary_proxy, + swift_local_net_ip => $storage_address, + master_swift_proxy_ip => $master_swift_proxy_ip, + proxy_port => $proxy_port, + debug => $debug, + verbose => $verbose, + log_facility => 'LOG_SYSLOG', + ceilometer => hiera('use_ceilometer',false), + ring_min_part_hours => $ring_min_part_hours, + admin_user => $keystone_user, + admin_tenant_name => $keystone_tenant, + admin_password => $keystone_password, + auth_host => $keystone_endpoint, + auth_protocol => $keystone_protocol, + } -> + + class { 'openstack::swift::status': + endpoint => "http://${storage_address}:${proxy_port}", + vip => $management_vip, + only_from => "127.0.0.1 240.0.0.2 ${sto_net} ${man_net}", + con_timeout => 5 + } + + if ($create_keystone_auth){ + class { 'swift::keystone::auth': + password => $swift_hash['user_password'], + public_address => hiera('public_vip'), + internal_address => $management_vip, + admin_address => $management_vip, + } + } } - - $ring_part_power = calc_ring_part_power($swift_nodes,$resize_value) - $sto_net = $network_scheme['endpoints'][$network_scheme['roles']['storage']]['IP'] - $man_net = $network_scheme['endpoints'][$network_scheme['roles']['management']]['IP'] - - class { 'openstack::swift::proxy': - swift_user_password => $swift_hash['user_password'], - swift_proxies => $swift_proxies, - ring_part_power => $ring_part_power, - primary_proxy => $primary_proxy, - controller_node_address => $management_vip, - swift_local_net_ip => $storage_address, - master_swift_proxy_ip => $master_swift_proxy_ip, - proxy_port => $proxy_port, - debug => $debug, - verbose => $verbose, - log_facility => 'LOG_SYSLOG', - ceilometer => hiera('use_ceilometer',false), - ring_min_part_hours => $ring_min_part_hours, - } -> - - class { 'openstack::swift::status': - endpoint => "http://${storage_address}:${proxy_port}", - vip => $management_vip, - only_from => "127.0.0.1 240.0.0.2 ${sto_net} ${man_net}", - con_timeout => 5 - } - - class { 'swift::keystone::auth': - password => $swift_hash['user_password'], - public_address => hiera('public_vip'), - internal_address => $management_vip, - admin_address => $management_vip, - } - } # 'ceilometer' class is being declared inside openstack::ceilometer class