Merge "Allow Swift middleware to be set via a variable"

2015-08-07 10:09:26 +00:00
parent d82bbb4336 2ed2bde1b0
commit e61aee7d41
4 changed files with 42 additions and 22 deletions
--- a/playbooks/roles/os_swift/defaults/main.yml
+++ b/playbooks/roles/os_swift/defaults/main.yml
@@ -31,9 +31,30 @@ swift_system_comment: swift system user
 swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}"

 ## Auth token
-swift_authtoken_active: True
 swift_delay_auth_decision: true

+## Swift middleware
+# NB: The order is important!
+swift_middleware_list:
+  - catch_errors
+  - gatekeeper
+  - healthcheck
+  - proxy-logging
+#  - ceilometer
+  - cache
+  - container_sync
+  - bulk
+  - tempurl
+  - ratelimit
+  - authtoken
+  - keystoneauth
+  - container-quotas
+  - account-quotas
+  - slo
+  - dlo
+  - proxy-logging
+  - proxy-server
+
 ## Swift default ports
 swift_proxy_port: "8080"
 swift_object_port: "6000"
--- a/playbooks/roles/os_swift/templates/proxy-server.conf.j2
+++ b/playbooks/roles/os_swift/templates/proxy-server.conf.j2
@@ -12,19 +12,8 @@ user = {{ swift_system_user_name }}
 log_facility = LOG_LOCAL1

 [pipeline:main]
-{% if swift_authtoken_active %}
-{% if swift_ceilometer_enabled %}
-pipeline = catch_errors gatekeeper healthcheck proxy-logging ceilometer cache container_sync bulk tempurl ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo proxy-server
-{% else %}
-pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo proxy-logging proxy-server
-{% endif %}
-{% else %}
-{% if swift_ceilometer_enabled %}
-pipeline = catch_errors gatekeeper healthcheck proxy-logging ceilometer cache container_sync bulk tempurl ratelimit tempauth container-quotas account-quotas slo dlo proxy-server
-{% else %}
-pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth container-quotas account-quotas slo dlo proxy-logging proxy-server
-{% endif %}
-{% endif %}
+pipeline = {{ swift_middleware_list | join(' ') }}
+
 [app:proxy-server]
 use = egg:swift#proxy
 log_facility = LOG_LOCAL1
@@ -43,18 +32,18 @@ write_affinity_node_count = {{ swift_proxy_vars.write_affinity_node_count }}
 {%   endif %}
 {% endif %}

+{% if 'tempauth' in swift_middleware_list %}
 [filter:tempauth]
 use = egg:swift#tempauth
-{% if not swift_authtoken_active %}
 user_admin_admin = admin .admin .reseller_admin
 user_test_tester = testing .admin
 user_test2_tester2 = testing2 .admin
 user_test_tester3 = testing3
+{% endif %}

-{% elif swift_authtoken_active %}
+{% if 'authtoken' in swift_middleware_list %}
 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
-insecure = {{ keystone_service_internaluri_insecure | bool }}
 auth_plugin = {{ swift_keystone_auth_plugin }}
 auth_url = {{ keystone_service_adminuri }}
 auth_uri = {{ keystone_service_internaluri }}
@@ -66,16 +55,17 @@ password = {{ swift_service_password }}
 delay_auth_decision = {{ swift_delay_auth_decision }}
 {% endif %}

+{% if 'keystoneauth' in swift_middleware_list %}
 [filter:keystoneauth]
 use = egg:swift#keystoneauth
 {% if swift_allow_all_users is defined and swift_allow_all_users == True %}
-{% if swift_ceilometer_enabled %}
+{% if 'ceilometer' in swift_middleware_list %}
 operator_roles = admin, swiftoperator, _member_, ResellerAdmin
 {% else %}
 operator_roles = admin, swiftoperator, _member_
 {% endif %}
 {% else %}
-{% if swift_ceilometer_enabled %}
+{% if 'ceilometer' in swift_middleware_list %}
 operator_roles = admin, swiftoperator, ResellerAdmin
 {% else %}
 operator_roles = admin, swiftoperator
@@ -83,6 +73,7 @@ operator_roles = admin, swiftoperator
 {% endif %}
 # The reseller admin role has the ability to create and delete accounts
 reseller_admin_role = reseller_admin
+{% endif %}

 [filter:healthcheck]
 use = egg:swift#healthcheck
@@ -146,7 +137,7 @@ use = egg:swift#container_sync
 [filter:xprofile]
 use = egg:swift#xprofile

-{% if swift_ceilometer_enabled %}
+{% if 'ceilometer' in swift_middleware_list %}
 [filter:ceilometer]
 paste.filter_factory = ceilometermiddleware.swift:filter_factory
 control_exchange = swift
--- a/playbooks/roles/os_tempest/defaults/main.yml
+++ b/playbooks/roles/os_tempest/defaults/main.yml
@@ -52,7 +52,15 @@ tempest_boto_s3_url: "http://{{ external_lb_vip_address }}:3333"
 tempest_boto_ec2_url: "http://{{ external_lb_vip_address }}:8773/services/Cloud"

 tempest_swift_enabled: true
+tempest_swift_container_sync: True
 tempest_swift_object_versioning: True
+tempest_swift_discoverable_apis:
+  - bulk
+  - object
+  - container_quotas
+  - container_sync
+  - slo
+  - tempurl

 tempest_volume_backup_enabled: False

--- a/playbooks/roles/os_tempest/templates/tempest.conf.j2
+++ b/playbooks/roles/os_tempest/templates/tempest.conf.j2
@@ -172,9 +172,9 @@ reseller_admin_role = reseller_admin


 [object-storage-feature-enabled]
-container_sync = false
+container_sync = {{ tempest_swift_container_sync }}
 object_versioning = {{ tempest_swift_object_versioning }}
-discoverable_apis = all
+discoverable_apis = {{ tempest_swift_discoverable_apis | join(' ') }}


 [orchestration]