Add ceph client and configuration for immutable object cache

See [1] for details of this ceph component. Optionally deployed on nova-compute nodes to accellerate access to read-only data for volumes created from snapshots. [1] https://docs.ceph.com/en/latest/rbd/rbd-persistent-read-only-cache/ Change-Id: I34f2f403d03cc95f593f21c717609b9858b8d989
2023-05-10 14:29:15 +01:00 · 2023-05-10 14:29:15 +01:00 · 9ee3bb24f6
commit 9ee3bb24f6
parent f7cd0b0eda
4 changed files with 72 additions and 2 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -75,12 +75,13 @@ ceph_cluster_name: ceph
 # etc..
 #ceph_keyrings_dir: "/etc/openstack/ceph-keyrings"

-# Ceph client usernames for glance, cinder+nova and gnocchi
+# Ceph client usernames for glance, cinder+nova, gnocchi and object cache
 glance_ceph_client: glance
 cinder_ceph_client: cinder
 manila_ceph_client: manila
 cinder_backup_ceph_client: cinder-backup
 gnocchi_ceph_client: gnocchi
+immutable_object_cache_client: immutable-object-cache

 # by default we assume you use rbd for both cinder and nova, and as libvirt
 # needs to access both volumes (cinder) as boot disks (nova) we default to
@ -125,3 +126,14 @@ ceph_client_ceph_conf_overrides: "{{ ceph_conf_overrides | default({}) }}"
 # CentOS repos
 ceph_centos_epel_mirror: "{{ centos_epel_mirror | default('http://download.fedoraproject.org/pub/epel') }}"
 ceph_centos_epel_key: "{{ centos_epel_key | default('http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-' ~ ansible_facts['distribution_major_version']) }}"
+
+# Immutible object cache - caches a read-only base layer of rbd volumes
+ceph_immutable_object_cache_enabled: False
+ceph_immutable_object_cache_service_name: "ceph-immutable-object-cache@"
+ceph_immutable_object_cache_dir: "/ceph-immutable-object-cache"
+ceph_immutable_object_cache_umask: "0002"
+ceph_immutable_object_cache_owner: "ceph"
+ceph_immutable_object_cache_group: "libvirt-qemu"
+ceph_immutable_object_cache_mode: "0755"
+ceph_immutable_object_cache_key_owner: "{{ ceph_immutable_object_cache_owner }}"
+ceph_immutable_object_cache_key_group: "{{ ceph_immutable_object_cache_group }}"
--- a/tasks/ceph_immutable_object_cache.yml
+++ b/tasks/ceph_immutable_object_cache.yml
@ -0,0 +1,44 @@
+# Copyright 2023, BBC R&D
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Set permissions on immutable object cache directory
+  file:
+    path: "{{ ceph_immutable_object_cache_dir }}"
+    owner: "{{ ceph_immutable_object_cache_owner }}"
+    group: "{{ ceph_immutable_object_cache_group }}"
+    mode: "{{ ceph_immutable_object_cache_mode }}"
+
+- name: Add libvirt-qemu user to ceph group
+  user:
+    append: true
+    name: "{{ ceph_immutable_object_cache_group }}"
+    groups: "ceph"
+
+- name: Create ceph immutable object cache service overrides
+  import_role:
+    name: systemd_service
+  vars:
+    systemd_services:
+      - service_name: "{{ ceph_immutable_object_cache_service_name }}"
+        systemd_overrides_only: true
+        systemd_overrides:
+          Service:
+            UMask: "{{ ceph_immutable_object_cache_umask }}"
+            ExecStart: "{{ ['', '/usr/bin/ceph-immutable-object-cache -f --cluster ${CLUSTER} --name client.immutable-object-cache --setuser ' ~ ceph_immutable_object_cache_owner ~ ' --setgroup ' ~ ceph_immutable_object_cache_group ] }}"
+
+- name: Ensure ceph immutable object cache service is running
+  service:
+    name: "{{ ceph_immutable_object_cache_service_name }}1.service"
+    state: started
+    enabled: true
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -71,3 +71,9 @@
    - cephx | bool
  tags:
    - ceph-config
+
+- include_tasks: ceph_immutable_object_cache.yml
+  when:
+    - ceph_immutable_object_cache_enabled | bool
+  tags:
+    - ceph-config
--- a/vars/main.yml
+++ b/vars/main.yml
@ -33,9 +33,13 @@ ceph_components:
      - name: '{{ cinder_backup_ceph_client }}'
    service: '{{ ceph_cinder_service_names }}'
  - component: nova_compute
-    package: "{{ libvirt_packages + [ 'ceph-common' ] + python_ceph_packages  }}"
+    package: "{{ (libvirt_packages + [ 'ceph-common' ] + ceph_immutable_object_cache_packages + python_ceph_packages) | select }}"
    client:
      - name: "{{ nova_ceph_client }}"
+      - name: "{{ immutable_object_cache_client }}"
+        owner: "{{ ceph_immutable_object_cache_key_owner }}"
+        group: "{{ ceph_immutable_object_cache_key_group }}"
+        enabled: "{{ ceph_immutable_object_cache_enabled }}"
    service: '{{ ceph_nova_service_names }}'
  - component: manila_share
    package: "{{ ['ceph-common'] + python_ceph_packages  }}"
@ -43,6 +47,10 @@ ceph_components:
      - name: "{{ manila_ceph_client }}"
    service: "{{ ceph_manila_service_names }}"

+# cache daemon package name is the same on ubuntu/centos
+ceph_immutable_object_cache_packages:
+  - "{{ ceph_immutable_object_cache_enabled | ternary('ceph-immutable-object-cache', '') }}"
+
 ceph_extra_components: []
 # Gnocchi has been moved out from the integrated OSA repo, but can still
 # be optionally enabled by using the configuration in the os_gnocchi role repo