From 93a9cbdbd463b3fec82ba678d674a8a9c9a4eee0 Mon Sep 17 00:00:00 2001
From: Andy McCrae <andy.mccrae@gmail.com>
Date: Wed, 3 Dec 2014 11:59:53 +0000
Subject: [PATCH] Add swift-dispersion support
* Add dispersion.conf into /etc/swift
* Add dispersion keystone user
* Give swiftoperator role to dispersion user
Change-Id: Ieb41c9a9902c30240b106b462ba83d151708491e
Closes-Bug: 1398808
---
etc/rpc_deploy/user_variables.yml | 3 ++
.../playbooks/openstack/swift-proxy.yml | 1 +
.../roles/swift_common/tasks/main.yml | 11 ++++---
.../swift_common/tasks/swift_dispersion.yml | 21 ++++++++++++
.../templates/swift-dispersion.conf.j2 | 27 ++++++++++++++++
.../swift_dispersion_user/tasks/main.yml | 32 +++++++++++++++++++
6 files changed, 90 insertions(+), 5 deletions(-)
create mode 100644 rpc_deployment/roles/swift_common/tasks/swift_dispersion.yml
create mode 100644 rpc_deployment/roles/swift_common/templates/swift-dispersion.conf.j2
create mode 100644 rpc_deployment/roles/swift_dispersion_user/tasks/main.yml
diff --git a/etc/rpc_deploy/user_variables.yml b/etc/rpc_deploy/user_variables.yml
index 1664f7eb42..71679740ae 100644
--- a/etc/rpc_deploy/user_variables.yml
+++ b/etc/rpc_deploy/user_variables.yml
@@ -162,3 +162,6 @@ swift_hash_path_suffix:
swift_hash_path_prefix:
# This will allow all users to create containers and upload to swift if set to True
swift_allow_all_users: False
+# The dispersion user is for swift-dispersion-report
+swift_dispersion_user: dispersion
+swift_dispersion_password:
diff --git a/rpc_deployment/playbooks/openstack/swift-proxy.yml b/rpc_deployment/playbooks/openstack/swift-proxy.yml
index 474c4d69e9..d3e9ef5b65 100644
--- a/rpc_deployment/playbooks/openstack/swift-proxy.yml
+++ b/rpc_deployment/playbooks/openstack/swift-proxy.yml
@@ -30,5 +30,6 @@
roles:
- keystone_add_service
- swiftoperator_role_create
+ - swift_dispersion_user
vars_files:
- vars/openstack_service_vars/swift_proxy_endpoint.yml
diff --git a/rpc_deployment/roles/swift_common/tasks/main.yml b/rpc_deployment/roles/swift_common/tasks/main.yml
index b1d06f196f..12bb03b407 100644
--- a/rpc_deployment/roles/swift_common/tasks/main.yml
+++ b/rpc_deployment/roles/swift_common/tasks/main.yml
@@ -14,10 +14,11 @@
# limitations under the License.
- include: log_setup.yml
+- include: swift_dispersion.yml
- name: "Drop swift.conf template"
- template: >
- src="swift.conf.j2"
- dest="/etc/swift/swift.conf"
- owner={{ system_user }}
- mode=0644
+ template:
+ src: "swift.conf.j2"
+ dest: "/etc/swift/swift.conf"
+ owner: "{{ system_user }}"
+ mode: "0644"
diff --git a/rpc_deployment/roles/swift_common/tasks/swift_dispersion.yml b/rpc_deployment/roles/swift_common/tasks/swift_dispersion.yml
new file mode 100644
index 0000000000..fd42d339e2
--- /dev/null
+++ b/rpc_deployment/roles/swift_common/tasks/swift_dispersion.yml
@@ -0,0 +1,21 @@
+---
+# Copyright 2014, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: "Place dispersion.conf in swift dir"
+ template:
+ src: "swift-dispersion.conf.j2"
+ dest: "/etc/swift/dispersion.conf"
+ owner: "{{ system_user }}"
+ mode: "0644"
diff --git a/rpc_deployment/roles/swift_common/templates/swift-dispersion.conf.j2 b/rpc_deployment/roles/swift_common/templates/swift-dispersion.conf.j2
new file mode 100644
index 0000000000..8e6f4a82e4
--- /dev/null
+++ b/rpc_deployment/roles/swift_common/templates/swift-dispersion.conf.j2
@@ -0,0 +1,27 @@
+[dispersion]
+# Please create a new account solely for using dispersion tools, which is
+# helpful for keep your own data clean.
+# auth_url = http://localhost:8080/auth/v1.0
+# auth_user = test:tester
+# auth_key = testing
+# auth_version = 1.0
+#
+# NOTE: If you want to use keystone (auth version 2.0), then its configuration
+# would look something like:
+auth_url = {{ auth_identity_uri }}
+auth_user = {{ auth_admin_tenant }}:{{ swift_dispersion_user }}
+auth_key = {{ swift_dispersion_password }}
+auth_version = 2.0
+#
+endpoint_type = internalURL
+# keystone_api_insecure = no
+#
+# swift_dir = /etc/swift
+# dispersion_coverage = 1.0
+# retries = 5
+# concurrency = 25
+# container_populate = yes
+# object_populate = yes
+# container_report = yes
+# object_report = yes
+# dump_json = no
diff --git a/rpc_deployment/roles/swift_dispersion_user/tasks/main.yml b/rpc_deployment/roles/swift_dispersion_user/tasks/main.yml
new file mode 100644
index 0000000000..cba3103207
--- /dev/null
+++ b/rpc_deployment/roles/swift_dispersion_user/tasks/main.yml
@@ -0,0 +1,32 @@
+---
+# Copyright 2014, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: "Create keystone user for swift-dispersion"
+ keystone:
+ command: "ensure_user"
+ token: "{{ auth_admin_token }}"
+ endpoint: "{{ auth_admin_uri }}"
+ user_name: "{{ swift_dispersion_user }}"
+ tenant_name: "{{ auth_admin_tenant }}"
+ password: "{{ swift_dispersion_password }}"
+
+- name: "Add swiftoperator role to swift-dispersion user"
+ keystone:
+ command: "ensure_user_role"
+ token: "{{ auth_admin_token }}"
+ endpoint: "{{ auth_admin_uri }}"
+ user_name: "{{ swift_dispersion_user }}"
+ tenant_name: "{{ auth_admin_tenant }}"
+ role_name: "swiftoperator"