diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 9799483294..ab63645052 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -124,6 +124,7 @@ swift_proxy_server_port: "8080" swift_object_server_port: "6000" swift_account_server_port: "6001" swift_container_server_port: "6002" +swift_rsync_port: "10873" heat_api_port: "8004" heat_api_cfn_port: "8000" diff --git a/ansible/roles/swift/templates/account.conf.j2 b/ansible/roles/swift/templates/account.conf.j2 index ad54582cc7..df8437b946 100644 --- a/ansible/roles/swift/templates/account.conf.j2 +++ b/ansible/roles/swift/templates/account.conf.j2 @@ -20,6 +20,7 @@ use = egg:swift#account {% if service_name == 'swift-account-replicator' %} [account-replicator] +sync_module = {replication_ip}:{meta}:account {% endif %} {% if service_name == 'swift-account-reaper' %} diff --git a/ansible/roles/swift/templates/container.conf.j2 b/ansible/roles/swift/templates/container.conf.j2 index 55e0976dd0..2daad6bc15 100644 --- a/ansible/roles/swift/templates/container.conf.j2 +++ b/ansible/roles/swift/templates/container.conf.j2 @@ -20,6 +20,7 @@ use = egg:swift#container {% if service_name == 'swift-container-replicator' %} [container-replicator] +sync_module = {replication_ip}:{meta}:container {% endif %} {% if service_name == 'swift-container-updater' %} diff --git a/ansible/roles/swift/templates/object.conf.j2 b/ansible/roles/swift/templates/object.conf.j2 index 7499bbfd2f..ae4f08fd57 100644 --- a/ansible/roles/swift/templates/object.conf.j2 +++ b/ansible/roles/swift/templates/object.conf.j2 @@ -25,6 +25,7 @@ use = egg:swift#object {% if service_name == 'swift-object-replicator' %} [object-replicator] +sync_module = {replication_ip}:{meta}:object {% endif %} {% if service_name == 'swift-object-updater' %} diff --git a/ansible/roles/swift/templates/swift-rsyncd.json.j2 b/ansible/roles/swift/templates/swift-rsyncd.json.j2 index 3700a327fa..fb63f58f0f 100644 --- a/ansible/roles/swift/templates/swift-rsyncd.json.j2 +++ b/ansible/roles/swift/templates/swift-rsyncd.json.j2 @@ -1,5 +1,5 @@ { - "command": "/usr/bin/rsync --daemon --no-detach --config=/etc/rsyncd.conf", + "command": "/usr/bin/rsync --daemon --no-detach --port={{swift_rsync_port}} --config=/etc/rsyncd.conf", "config_files": [ { "source": "{{ container_config_directory }}/rsyncd.conf", diff --git a/docker/swift/swift-base/swift_sudoers b/docker/swift/swift-base/swift_sudoers index b20ac15fb8..b67c47df31 100644 --- a/docker/swift/swift-base/swift_sudoers +++ b/docker/swift/swift-base/swift_sudoers @@ -1 +1,3 @@ -swift ALL = (root) NOPASSWD: /var/lib/kolla/venv/bin/swift-rootwrap /etc/swift/rootwrap.conf * +swift ALL=(root) NOPASSWD: /bin/chown -R swift\:swift /srv/node +swift ALL=(root) NOPASSWD: /usr/bin/chown -R swift\:swift /srv/node +swift ALL=(root) NOPASSWD: /var/lib/kolla/venv/bin/swift-rootwrap /etc/swift/rootwrap.conf * diff --git a/docker/swift/swift-rsyncd/Dockerfile.j2 b/docker/swift/swift-rsyncd/Dockerfile.j2 index 8c6cc6ff2f..c2061c7741 100644 --- a/docker/swift/swift-rsyncd/Dockerfile.j2 +++ b/docker/swift/swift-rsyncd/Dockerfile.j2 @@ -15,7 +15,6 @@ RUN apt-get install -y --no-install-recommends \ {% endif %} -RUN setcap 'cap_net_bind_service=+ep' /usr/bin/rsync COPY extend_start.sh /usr/local/bin/kolla_extend_start RUN chmod 755 /usr/local/bin/kolla_extend_start diff --git a/docker/swift/swift-rsyncd/extend_start.sh b/docker/swift/swift-rsyncd/extend_start.sh index b101b4e696..d432b82fb7 100644 --- a/docker/swift/swift-rsyncd/extend_start.sh +++ b/docker/swift/swift-rsyncd/extend_start.sh @@ -1,3 +1,3 @@ #!/bin/bash -chown -R swift: /srv/node +sudo chown -R swift:swift /srv/node