From e350f899aea4e6726558cf24afdefb7ad4711060 Mon Sep 17 00:00:00 2001 From: Marcus Murwall Date: Thu, 14 Sep 2017 09:13:02 +0000 Subject: [PATCH] Adds support for specifying GID AND UID for cinder system user Change-Id: I141509b9e2fdb132357542c6b5204ffaa6f33d56 --- defaults/main.yml | 12 ++++++++++ doc/source/configure-cinder.rst | 24 +++++++++++++++++++ ...-system-user-support-f69b87b4876c0dd8.yaml | 5 ++++ tasks/cinder_pre_install.yml | 2 ++ 4 files changed, 43 insertions(+) create mode 100644 releasenotes/notes/gid-and-uid-cinder-system-user-support-f69b87b4876c0dd8.yaml diff --git a/defaults/main.yml b/defaults/main.yml index c86ce248..80414ef7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -79,6 +79,18 @@ cinder_system_comment: cinder system user cinder_system_shell: /bin/false cinder_system_home_folder: "/var/lib/{{ cinder_system_user_name }}" +## Manually specified cinder UID/GID +# Deployers can specify a UID for the cinder user as well as the GID for the +# cinder group if needed. This is commonly used in environments where shared +# storage is used, such as NFS or GlusterFS, and cinder UID/GID values must be +# in sync between multiple servers. +# +# WARNING: Changing these values on an existing deployment can lead to +# failures, errors, and instability. +# +# cinder_system_user_uid = +# cinder_system_group_gid = + cinder_lock_path: /var/lock/cinder ## Cinder Auth diff --git a/doc/source/configure-cinder.rst b/doc/source/configure-cinder.rst index ed9cbf31..7a61f3d0 100644 --- a/doc/source/configure-cinder.rst +++ b/doc/source/configure-cinder.rst @@ -627,3 +627,27 @@ the desired qos spec dictionary. options: consumer: front-end write_iops_sec: 100 + +Shared storage and synchronized UID/GID +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Specify a custom UID for the cinder user and GID for the cinder group +to ensure they are identical on each host. This is helpful when using shared +storage on Compute nodes because it allows instances to migrate without +filesystem ownership failures. + +By default, Ansible creates the cidner user and group without specifying the +UID or GID. To specify custom values for the UID or GID, set the following +Ansible variables: + +.. code-block:: yaml + + cinder_system_user_uid = + cinder_system_group_gid = + +.. warning:: + + Setting this value after deploying an environment with + OpenStack-Ansible can cause failures, errors, and general instability. These + values should only be set once before deploying an OpenStack environment + and then never changed. diff --git a/releasenotes/notes/gid-and-uid-cinder-system-user-support-f69b87b4876c0dd8.yaml b/releasenotes/notes/gid-and-uid-cinder-system-user-support-f69b87b4876c0dd8.yaml new file mode 100644 index 00000000..86ca88d2 --- /dev/null +++ b/releasenotes/notes/gid-and-uid-cinder-system-user-support-f69b87b4876c0dd8.yaml @@ -0,0 +1,5 @@ +--- +other: + - Added support for specifying GID and UID for cinder system user by defining + ``cinder_system_user_uid`` and ``cinder_system_group_gid``. This setting is + optional. \ No newline at end of file diff --git a/tasks/cinder_pre_install.yml b/tasks/cinder_pre_install.yml index 77fe75e4..f9c66cc9 100644 --- a/tasks/cinder_pre_install.yml +++ b/tasks/cinder_pre_install.yml @@ -16,12 +16,14 @@ - name: create the system group group: name: "{{ cinder_system_group_name }}" + gid: "{{ cinder_system_group_gid|default(omit) }}" state: "present" system: "yes" - name: Create the cinder system user user: name: "{{ cinder_system_user_name }}" + uid: "{{ cinder_system_user_uid|default(omit) }}" group: "{{ cinder_system_group_name }}" comment: "{{ cinder_system_comment }}" shell: "{{ cinder_system_shell }}"